This plugin is inspired by the pdc-internal-products plugin
The plugin adds private fields to openpub items and includes them with authenticated requests.
// ...
"internal-data": [
{
"title": "This is internal data, only visible when authenticated",
"content": "<p>With html, editable in gutenberg</p>\n"
}
],
"links": [],
// ...The plugin does not create endpoints for /internal products, and merely acts as a proxy for the base plugin. The plugin handles any incoming openpub request, and if the request is authenticated the plugin will include internal data.
You will have to edit the portal codebase to include basic auth credentials when a user is logged in.
One of the methods is to create a new singleton looking like this:
// OpenPubServiceProvider.php
$this->app->singleton('openpub.items.internal', function ($app) {
$config = [
'base_uri' => env('OPENPUB_ENDPOINT'),
];
if (env('OPENPUB_APPLICATION_USERNAME') && env('OPENPUB_APPLICATION_PASSWORD')) {
$config['auth'] = [
env('OPENPUB_APPLICATION_USERNAME'),
env('OPENPUB_APPLICATION_PASSWORD'),
];
}
return new Repository(new Client($config));
});And make sure to use this when the user is authenticated, for example like this:
// OpenPubController.php
public function show(Request $request, $title)
{
if (\is_user_logged_in()) {
$repository = app()->make('openpub.items.internal');
} else {
$repository = app()->make('openpub.items');
}
// etcSimilar to pdc-internal-products this plugin uses application passwords to validate authenticated users. You can create an application password in the admin dashboard, see the wp docs
Provide the credentials in the .env file of the portal using
OPENPUB_APPLICATION_USERNAME=
OPENPUB_APPLICATION_PASSWORD=Make sure your credentials are valid, else the request will result in a 401 and the pub item will not be displayed.