mu-plugin in playground to disable REST API auth #30
Conversation
ashfame
force-pushed
the
disable_rest_api_auth_in_playground
branch
2 times, most recently
from
7a7a13a to
b02dd8e
Compare
ashfame
force-pushed
the
disable_rest_api_auth_in_playground
branch
from
b02dd8e to
a31c80e
Compare
|
This is a great solution! However, it doesn't seem to be working, I haven't looked into why that is. I added a temporary button to create a post (we can delete it before merging this). After clicking the button, in the extension console, you can see that the response is 401: |
|
I haven't tested it in this repo (meaning from the frontend in this repo), but a simple curl command to the REST API and it worked. 401 without it, and successful post creation with it. I will do some digging. |
|
@psrpinto You can try now & once you remove the test button, mark this as approved, so that I can merge :) don't mind the failing test, its from test code, which will be gone. |
|
I removed the button and took the liberty of improving a couple of things. |
|
@psrpinto Excellent! I see |
|
@psrpinto confirmed its intentionally kept there for reference, so merging now. |
This PR effectively solves our "how to auth" with REST API problem since we do this in playground specific to our browser extension and not in general with the backend plugin.
I ended up trying this "disabling auth" approach because with using password approach, that works with application passwords and not just regular user's password. And even with application passwords, there wasn't an easy way to communicate that to frontend once we create and set that up. Options exist for development purposes but not so much for prod, when folks are using this extension out in the wild.
I think this playground specific effect is quite a good option. Thoughts?