douying0108 2016-07-14 16:59
浏览 34

在没有对外部请求进行身份验证的情

I'm working with the WordPress REST API for the first time.

The idea behind the project is that once a POST request has been made to a custom endpoint, the data is escaped/cleaned up and then saved into the database through WP's own functions. I'm basically just collecting feedback submitted through a form on a site ( plus many other sites ) and send the data to another site (my own one).

How would you handle security in this case? I can't use oauth. What I'd like to do is just make sure the request has been genuinely made from that form.

Any ideas?

  • 写回答

1条回答 默认 最新

  • douyouqian8550 2016-07-14 17:14
    关注

    I recommend you use token authentication, use a signed token to validate the identity of the user who make a request. In this case JWT, you can choose the PHP JWT library you feel better using.

    评论

报告相同问题?

悬赏问题

  • ¥15 2020长安杯与连接网探
  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
  • ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
  • ¥16 mybatis的代理对象无法通过@Autowired装填
  • ¥15 可见光定位matlab仿真
  • ¥15 arduino 四自由度机械臂
  • ¥15 wordpress 产品图片 GIF 没法显示
  • ¥15 求三国群英传pl国战时间的修改方法
  • ¥15 matlab代码代写,需写出详细代码,代价私
  • ¥15 ROS系统搭建请教(跨境电商用途)