54 lines
1.7 KiB
PHP
54 lines
1.7 KiB
PHP
<?php
|
|
defined('ABSPATH') or die();
|
|
/**
|
|
* @param $response
|
|
* @param $handler
|
|
* @param WP_REST_Request $request
|
|
* @return mixed|WP_Error
|
|
*
|
|
* Hook into REST API requests
|
|
*/
|
|
function authorize_rest_api_requests( $response, $handler, WP_REST_Request $request ) {
|
|
// allowed routes, whitelist option?
|
|
// $routes = array(
|
|
// '/wp/v2/csp etc',
|
|
// );
|
|
|
|
// Check if authorization header is set
|
|
if ( ! $request->get_header( 'authorization' ) ) {
|
|
return new WP_Error( 'authorization', 'Unauthorized access.', array( 'status' => 401 ) );
|
|
}
|
|
|
|
// if ( rsssl_get_networkwide_option('rsssl_restrict_rest_api') === 'restrict-roles' ) {
|
|
// Check for certain role and allowed route
|
|
if ( ! in_array( 'administrator', wp_get_current_user()->roles ) ) {
|
|
return new WP_Error( 'forbidden', 'Access forbidden.', array( 'status' => 403 ) );
|
|
}
|
|
// }
|
|
|
|
// if ( rsssl_get_networkwide_option('rsssl_restrict_rest_api') === 'logged-in-users' ) {
|
|
if ( ! is_user_logged_in() ) {
|
|
return new WP_Error( 'forbidden', 'Access forbidden to non-logged in users.', array( 'status' => 403 ) );
|
|
}
|
|
// }
|
|
|
|
// if ( rsssl_get_networkwide_option('rsssl_restrict_rest_api') === 'application-passwords' ) {
|
|
if ( ! is_user_logged_in() ) {
|
|
return new WP_Error( 'forbidden', 'Access forbidden to non-logged in users.', array( 'status' => 403 ) );
|
|
}
|
|
// }
|
|
|
|
return $response;
|
|
|
|
}
|
|
|
|
/**
|
|
* @return void
|
|
* Disable REST API
|
|
*/
|
|
function rsssl_disable_rest_api() {
|
|
add_filter('json_enabled', '__return_false');
|
|
add_filter('json_jsonp_enabled', '__return_false');
|
|
}
|
|
|
|
add_filter( 'rest_request_before_callbacks', 'authorize_rest_api_requests', 10, 3 ); |