Initial commit

.gitlab-ci.yml

+include: "https://git.autistici.org/noblogs/composer-publish/raw/master/common.yml"
\ No newline at end of file

README.md

+Simple plugin to prevent unauthenticated access to the Wordpress REST API.
+
+See https://developer.wordpress.org/rest-api/frequently-asked-questions/#can-i-disable-the-rest-api
+for further details.
+

ai-authenticate-rest-api.php

+<?php
+/**
+ * Plugin Name: ai-authenticate-rest-api
+ * Plugin URI: https://git.autistici.org/noblogs/ai-authenticate-rest-api-plugin
+ * Description: Ensure REST API access is authenticated
+ * Version: 0.0.1
+ * Author: Autistici/Inventati
+ * Author URI: https://www.autistici.org/
+ * License: MIT
+ * License URI: http://opensource.org/licenses/MIT
+ */
+
+add_filter('rest_authentication_errors', function($result) {
+    // If a previous authentication check was applied,
+    // pass that result along without modification.
+    if (true === $result || is_wp_error($result)) {
+        return $result;
+    }
+ 
+    // No authentication has been performed yet.
+    // Return an error if user is not logged in.
+    if (!is_user_logged_in()) {
+        return new WP_Error(
+            'rest_not_logged_in',
+            __('You are not currently logged in.'),
+            array('status' => 401)
+        );
+    }
+ 
+    // Our custom authentication check should have no effect
+    // on logged-in requests
+    return $result;
+});
+

composer.json

+{
+    "name": "noblogs/ai-authenticate-rest-api-plugin",
+    "description": "git@git.autistici.org:noblogs/ai-authenticate-rest-api-plugin.git",
+    "type": "wordpress-plugin",
+    "require": {
+        "composer/installers": "^1.9"
+    },
+    "authors": [
+        {
+            "name": "ale",
+            "email": "ale@autistici.org"
+        }
+    ]
+}