I am building a webshop with React, Wordpress v4 and <a href="http://woocommerce.github.io/woocommerce-rest-api-docs/#introduction" rel="nofollow noreferrer">Woocommerce Rest api v2</a>.
I am a bit confused on how to proceed with authentication. I understand that for some requests like place an order or create a new product I need to authenticate.
But I also need to be able to just retrieve all products for a customer who visits the site for the first time and just wants to browse through all our products.
What is the best practice here?
My thoughts are:
<ul>
<li>Create a public, separate layer with PHP or Node which securely stores the Woocommerce API keys and provides public endpoints (only
, i.e.
)</li>
<li>Access those endpoints via JS/React and render the products</li>
<li>Create another separate layer for placing orders which requires the costumer to authenticate (i.e.
)</li>
</ul>
Also, instead of adding a separate layer I could use the Wordpress function <a href="https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/" rel="nofollow noreferrer">
</a>
Is there a better way to do it or am I missing something? Or can I retrieve the Woocommerce Products somehow via the Wordpress API endpoints without api keys?
I am a bit confused on how to proceed with authentication. I understand that for some requests like place an order or create a new product I need to authenticate.
But I also need to be able to just retrieve all products for a customer who visits the site for the first time and just wants to browse through all our products.
What is the best practice here?
My thoughts are:
<ul>
<li>Create a public, separate layer with PHP or Node which securely stores the Woocommerce API keys and provides public endpoints (only
Code:
GET
Code:
GET /products<li>Access those endpoints via JS/React and render the products</li>
<li>Create another separate layer for placing orders which requires the costumer to authenticate (i.e.
Code:
POST /orders</ul>
Also, instead of adding a separate layer I could use the Wordpress function <a href="https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/" rel="nofollow noreferrer">
Code:
add_action( 'rest_api_init',...Is there a better way to do it or am I missing something? Or can I retrieve the Woocommerce Products somehow via the Wordpress API endpoints without api keys?