Make WordPress Core

Opened 15 months ago

Closed 15 months ago

Last modified 15 months ago

#51602 closed enhancement (fixed)

Application Passwords: Include siteurl in return data from auth flow.

Reported by: georgestephanis Owned by: TimothyBlynJacobs
Milestone: 5.6 Priority: normal
Severity: normal Version: 5.6
Component: Login and Registration Keywords: has-patch
Focuses: rest-api Cc:


Rather than rely on applications to store and connect the site's url with the session the user returns to (which can be fragile with multiple concurrent blogs being connected at once) let's just pass back the url of the site that the credentials are generated for.

Change History (5)

This ticket was mentioned in PR #650 on WordPress/wordpress-develop by georgestephanis.

15 months ago

  • Keywords has-patch added
  • Add a comment clarifying that the php code block is a fallback for no-js
  • Fix username to user_login -- we've been doing the latter in practice, but some code still returned the former.
  • Most relevantly, add a site_url parameter to the return data so clients have confirmation of what url they can use the returned credentials with.

Trac ticket:

#2 @prbot
15 months ago

georgestephanis commented on PR #650:

I hesitate to do that as part of the goal is to be agnostic. Given the site url, the client can always determine the rest url, but the client may also want the credentials to use for xmlrpc or other systems like WPGraphQL

#3 @TimothyBlynJacobs
15 months ago

  • Owner set to TimothyBlynJacobs
  • Resolution set to fixed
  • Status changed from new to closed

In 49291:

App Passwords: Include site_url in the success redirect payload.

Props georgestephanis.
Fixes #51602.

#4 @prbot
15 months ago

TimothyBJacobs commented on PR #650:

Good point, that makes sense.

Merged in 1e85024fb4be72eb6a1244d0c7c09590ed7172a2.

#5 @desrosj
15 months ago

  • Milestone changed from Awaiting Review to 5.6
Note: See TracTickets for help on using tickets.