As of version 0.4, WP-AppKit handles secured user authentication that allows to: log in WordPress users from you app, restrict some part of your app content to authenticated users with given permissions, post comments from your app, make authenticated queries to WordPress, secure download links, and any other cool stuff you can think of when you can authenticate users from apps. WP-AppKit leverages the RSA public key encryption to encrypt all sensible data (password at handshake for example) and secret key based HMAC controls for all authenticated communications between the app and the WordPress server. Here are the basic steps that will bring user authentication to your WP-AppKit app: Create a RSA Private Key On Windows the easiest way is to use PuTTY (see the private key generation doc for detailed steps). On iOS/Unix based systems, simply use the “openssl” command: Then, open the generated private key file (rsa_1024_priv.pem) in a text editor, and copy its content to your clipboard. This is your private key, which should be something like: Link the Private Key to Your App In your WordPress Back Office, go edit your App and paste your private key into the “Authentication Settings”
Share This