This is a Wordpress Plugin that adds JSON endpoints for creating, listing, and deleting sites on multisite.
This plugin aims to be simple to make Wordpress polyglot environments not only possible, but practical. I'm not the best at PHP, ruby and Go are more my thing, hence why I'm making this API. Contributions are greatly appreciated.
- TODO: Add some configuration options
- TODO: Add
full-stack-test.php
to make a MySQL connection and verify the whole stack loads, faster and more efficient than trying to do a full page rendering for your uptime checks.
This was originally written on PHP 5.3.x and so is probably still compatible with that version. However, upgrading to phpunit 8 required that I make tests require PHP 7.2+. So its probably still fine to run this on something less than 7.2, but since I can't get working tests on that version, I don't recommend it.
Make sure you limit access to the enpoints! You should not allow any yahoo off the internet to scan your site and look for these endpoints. I highly recommend some sort of .htaccess
or nginx configuration settings to deny access to all but the local addresses you use for the API clients.
Something like this maybe:
Apache:
<Location /srv/wordpress/wp-content/plugins/multisite-json-api/endpoints>
DenyFrom All
AllowFrom 127.0.0.0/24 10.0.0.0/8
</Location>
Nginx:
location /wp-content/plugins/multisite-json-api/endpoints {
deny all;
allow 127.0.0.0/24 10.0.0.0/8;
}
Also, as of right now all user names and password are passed through http Headers. That means SSL is pretty much mandatory.
All of the enpoints require you to authenticate with an existing wordpress user. Currently all require the superadmin role, but that may change.
Username and password are passed with the HTTP Headers User
and Password
respectively. These are plain text so you need to be using SSL (which you are doing already right?).
- URL: /wp-content/plugins/multisite-json-api/endpoints/create-site.php
- Method: POST
- Payload example:
{"email": "[email protected]", "site_name": "awesomeblog", "title": "Awesome Blog", "password":"123456"}
- Description: Creates a site. If the email address does not exist this will create a new user with that email address. The
site_name
is the path or subdomain you would like to use, password os optional, if not set will fallback to a random generated one.
- URL: /wp-content/plugins/multisite-json-api/endpoints/list-sites.php
- Method: GET
- Payload example: No payload, only GET variables
- GET Variables: public, spam, archived, deleted
- Description: Lists sites by wordpress tags. All of the variables are boolean 0 or 1, and will list sites where that variable is set to the boolean provided. For example:
?public=1&deleted=0
will list all sites that are public but not deleted.
- URL: /wp-content/plugins/multisite-json-api/endpoints/delete-site.php
- Method: DELETE
- Payload example:
{"blog_id": 49, "drop": false}
- Description: Deletes a site. If
drop
is set totrue
wordpress will remove the site from the database completely. Otherwise the only thing this does is set thedeleted
attribute on the site totrue
.
Used the great Wordpress boiler plate template to get this thing off the ground.
Same as WordPress GPLv2.