Make WordPress Core

Opened 7 years ago

Last modified 7 years ago

#40556 new enhancement

REST API: Allow for server generating a user's password

Reported by: timothyblynjacobs's profile TimothyBlynJacobs Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.7
Component: REST API Keywords: has-patch has-unit-tests
Focuses: rest-api Cc:


Currently the REST API requires the client to send a password when creating a user. Ideally, the server should generate a random password when none is provided.

In WP Admin contexts this can be worked around by using the existing WP Ajax action to generate a password, but this does require a separate round trip.

In non WP Admin contexts this forces the client to generate their own password securely and it also means filters like random_password won't be called.

Patch incoming to automatically generate a password if the request parameter is omitted. If an empty string is passed, that still errors.

Attachments (1)

40556.patch (3.9 KB) - added by TimothyBlynJacobs 7 years ago.

Download all attachments as: .zip

Change History (4)

#1 @TimothyBlynJacobs
7 years ago

  • Keywords has-patch has-unit-tests added

#2 @jnylen0
7 years ago

Unlike in wp-admin, the user has no way to see their generated password using this functionality. I think this is something we'd want to address, but it's not clear to me how we would do it.

This is likely why we deferred this task to the client for the v2 endpoints.

#3 @TimothyBlynJacobs
7 years ago

I think there is value in having the server generate the password, even without returning it in the response.

When relying on the password set/reset email, the user might not get to it quickly, or at all in some cases. The default password still needs to be strong in the meantime. And In conjunction with #40477 to create user accounts that don't notify the user at all. Even in those cases, the user should have a strong password to prevent brute force attacks.

Note: See TracTickets for help on using tickets.