[WordPress] 外掛分享： Password Reset with Code for WordPress REST API

Name: Password Reset with Code for WordPress REST API
Rating: 5 (10 reviews)
Author: dominic_ks

WordPress 外掛 Password Reset with Code for WordPress REST API 的封面圖片

1,000+

安裝啟用

★★★★★

5/5 分（10 則評價）

287 天前

最後更新

—

問題解決

WordPress 4.6+ PHP 5.4+ v0.0.17 上架：2020-05-08

內容目錄

1 內容簡介
2 外掛標籤
3 開發者團隊
4 原文外掛簡介
5 延伸相關外掛

內容簡介

這是一個簡單的外掛程式，可以在 WordPress REST API 中使用代碼添加重設密碼功能。此過程是一個兩步驟的流程：

用戶請求重設密碼。一個四位數的代碼將發送到他們註冊的電子郵件地址。
當用戶設置新密碼時，輸入代碼，只有當代碼有效且未過期時才設置新密碼

還可以檢查代碼的有效性，而不必重置密碼，這使設置密碼方式或者檢查代碼並重置密碼（如果需要的話）成為可能。

默認設置為使用四位數字代碼，生存期為15分鐘，之後需要請求一個新的代碼。

端點

外掛程式將兩個新端點添加到REST API中：

端點：/wp-json/bdpwr/v1/reset-password
- HTTP動詞：POST
- 參數（全部必填）：
- 電子郵件

端點：/wp-json/bdpwr/v1/set-password
- HTTP動詞：POST
- 參數（全部必填）：
- 電子郵件
- 密碼
- 代碼

端點：/wp-json/bdpwr/v1/validate-code
- HTTP動詞：POST
- 參數（全部必填）：
- 電子郵件
- 代碼

範例請求（jQuery）
重設密碼
$.ajax({
url: '/wp-json/bdpwr/v1/reset-password',
method: 'POST',
data: {
email: '[email protected]',
},
success: function( response ) {
console.log( response );
},
error: function( response ) {
console.log( response );
},
});

設置新密碼
$.ajax({
url: '/wp-json/bdpwr/v1/set-password',
method: 'POST',
data: {
email: '[email protected]',
code: '1234',
password: 'Pa$$word1',
},
success: function( response ) {
console.log( response );
},
error: function( response ) {
console.log( response );
},
});

驗證代碼
$.ajax({
url: '/wp-json/bdpwr/v1/validate-code',
method: 'POST',
data: {
email: '[email protected]',
code: '1234',
},
success: function( response ) {
console.log( response );
},
error: function( response ) {
console.log( response );
},
});

範例成功回應（JSON）
重設密碼
{
"data": {
"status": 200
},
"message": "A password reset email has been sent to your email address."
}

設置新密碼
{
"data": {
"status": 200
},
"message": "Password reset successfully."
}

驗證代碼
{
"data": {
"status": 200
},
"message": "The code supplied is valid."
}

範例錯誤回應（JSON）
重設密碼
{
"code": "bad_email",
"message": "No user found with this email address.",
"data": {
"status": 500
}
}

設置新密碼
{
"code": "bad_request",
"message": "You must request a password reset code before you try to set a new password.",
"data": {
"status": 500
}
}

外掛標籤

wp-api password reset

開發者團隊

👤 dominic_ks 👤 wpamitkumar

⬇ 下載最新版 (v0.0.17) 或搜尋安裝

① 下載 ZIP → 後台「外掛 › 安裝外掛 › 上傳外掛」
② 後台搜尋「Password Reset with Code for WordPress REST API」→ 直接安裝（推薦）

📦 歷史版本下載

0.0.2 0.0.3 0.0.4 0.0.5 0.0.6 0.0.7 0.0.8 0.0.9 trunk 0.0.10 0.0.11 0.0.12 0.0.13 0.0.14 0.0.15 0.0.16 0.0.17

原文外掛簡介

A simple plugin that adds a password reset facility to the WordPress REST API using a code. The process is a two step process:

User requests a password reset. A code is emailed to their registered email address
The user enters the code when setting a new password, which is only set if the code is valid and has not expired

It is also possible to check the validity of a code without resetting the password which enables the possibility of setting the password by other means, or having a two stage process for checking the code and resetting the password if desired.
Default settings are to use an 8 digit code consisting of numbers, upper and lower case letters and special characters, which has a life span of 15 minutes, afterwhich a new code would need to be requested. By default a user can attempt to use or validate a code up to 3 times before automatically invalidating it.
Endpoints
The plugin adds two new endpoints to the REST API:

Endpoint: /wp-json/bdpwr/v1/reset-password
— HTTP Verb: POST
— Parameters (all required):
— email

/wp-json/bdpwr/v1/set-password
— HTTP Verb: POST
— Parameters (all required):
— email
— password
— code

/wp-json/bdpwr/v1/validate-code
— HTTP Verb: POST
— Parameters (all required):
— email
— code

Example Requests (jQuery)
Reset Password
$.ajax({
url: '/wp-json/bdpwr/v1/reset-password',
method: 'POST',
data: {
email: '[email protected]',
},
success: function( response ) {
console.log( response );
},
error: function( response ) {
console.log( response );
},
});

Set New Password
$.ajax({
url: '/wp-json/bdpwr/v1/set-password',
method: 'POST',
data: {
email: '[email protected]',
code: '1234',
password: 'Pa$$word1',
},
success: function( response ) {
console.log( response );
},
error: function( response ) {
console.log( response );
},
});

Validate Code
$.ajax({
url: '/wp-json/bdpwr/v1/validate-code',
method: 'POST',
data: {
email: '[email protected]',
code: '1234',
},
success: function( response ) {
console.log( response );
},
error: function( response ) {
console.log( response );
},
});

Example Success Responses (JSON)
Reset Password
{
"data": {
"status": 200
},
"message": "A password reset email has been sent to your email address."
}

Set New Password
{
"data": {
"status": 200
},
"message": "Password reset successfully."
}

Validate Code
{
"data": {
"status": 200
},
"message": "The code supplied is valid."
}

Example Error Responses (JSON)
Reset Password
{
"code": "bad_email",
"message": "No user found with this email address.",
"data": {
"status": 500
}
}

Set New Password
{
"code": "bad_request",
"message": "You must request a password reset code before you try to set a new password.",
"data": {
"status": 500
}
}

Validate Code
{
"code": "bad_request",
"message": "The reset code provided is not valid.",
"data": {
"status": 500
}
}

Filters
A number of WordPress filters have been added to help customise the process, please feel free to request additional filters or submit a pull request with any that you required.
Filter the length of the code
add_filter( 'bdpwr_code_length' , function( $length ) {
return 4;
}, 10 , 1 );

Filter Expiration Time
add_filter( 'bdpwr_code_expiration_seconds' , function( $seconds ) {
return 900;
}, 10 , 1 );

Filter the date format used by the plugin to display expiration times
add_filter( 'bdpwd_date_format' , function( $format ) {
return 'H:i';
}, 10 , 1 );

Filter the reset email subject
add_filter( 'bdpwr_code_email_subject' , function( $subject ) {
return 'Password Reset';
}, 10 , 1 );

Filter the email content
add_filter( 'bdpwr_code_email_text' , function( $text , $email , $code , $expiry ) {
return $text;
}, 10 , 4 );

Filter maximum attempts allowed to use a reset code, default is 3, -1 for unlimmited
add_filter( 'bdpwr_max_attempts' , function( $attempts ) {
return 3;
}, 10 , 4 );

Filter whether to include upper and lowercase letters in the code as well as numbers, default is false
add_filter( 'bdpwr_include_letters' , function( $include ) {
return false;
}, 10 , 4 );

Filter the characters to be used when generating a code, you can use any string you want, default is 0123456789
add_filter( 'bdpwr_selection_string' , function( $string ) {
return '0123456789';
}, 10 , 4 );

Filter the WP roles allowed to reset their password with this plugin, default is any, example below shows removing administrators
add_filter( 'bdpwr_allowed_roles' , function( $roles ) {

$key = array_search( 'administrator' , $roles );

if( $key !== false ) {
unset( $roles[ $key ] );
}

return $roles;

}, 10 , 1 );

Filter to add custom namespace for REST API
add_filter( 'bdpwr_route_namespace' , function( $route_namespace ) {
return 'xyz/v1';
}, 10 , 1 );

Credits

Plugin icon / banner image by Sincerely Media