stackoom
  简体   繁体   中英

How to store bearer token in wordpress?

 原文  2022-07-13 18:50:20       php/ wordpress/ bearer-token

Question

I have an external API that I am sending data to from my Wordpress Form to register users. Upon registration, the API sends back a Bearer Token which I need to use to make an additional request to the API from another page.

Currently in my functions.php , I am using wp_remote_post to get the bearer token from the API. The token has an expiry time from the server side, but I can't seem to find the correct way to store it so I can make an additional request on another page. Is it a good idea to just store it in a $_SESSION global variable or is there a proper way of doing this?

Thanks

1 answers

solution1
 0  2022-07-14 02:16:07

First of all, no - do not use PHP sessions. In short, PHP sessions are a bad idea in terms of caching and performance. You can easily find more extended explanations on Google.

You can store bearer and/or refresh tokens in the database. There are some possible concerns like "if someone gets access to the database, they get the access to all security tokens", but, however, if someone got access to your database - everything is already bad.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to get Bearer token from a request in Laravel php how to use bearer token in curl get request header? PHP: How to pass Bearer Token in GET/POST Call to Azure API? how to pass bearer token into the URL section for resetting password in laravel-8? How to install a Bearer token with Behat on my Symfony API-Platform How to pass bearer token to test API using phpunit and Liip laravel 8 how to get user id using bearer token Authorization bearer - Wordpress REST API how to store JWT token in database WordPress: How to store entities in plugin?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM