[wp-trac] [WordPress Trac] #38056: Allow custom authentication checks for post passwords
WordPress Trac
noreply at wordpress.org
Wed Sep 14 16:11:56 UTC 2016
#38056: Allow custom authentication checks for post passwords
-------------------------------+-----------------
Reporter: rmccue | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 4.7
Component: Posts, Post Types | Version:
Severity: normal | Keywords:
Focuses: |
-------------------------------+-----------------
In order to implement post passwords for non-web contexts (such as a REST
API), it'd be really nice to allow custom authentication checks for
whether a post password is required.
All of the password checking is abstracted nicely away into
`post_password_required()`, but this checks the cookie and is not
filterable at all. By making this filterable, we can allow custom handling
in the REST API.
As a side-effect, this can make it easier to implement custom access
controls for post content. For example, a filter on
`post_password_required` could check if the user has paid for the content.
`get_the_password_form` is already filterable, and these two could be
combined nicely. This brings the advantage of working with other parts of
core without needing a tonne of filters everywhere. It also allows more
custom access controls, such as allowing super admins access to passworded
posts.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38056>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list