#wordpress 2020-06-20

2020-06-20 UTC
ndegruchy__, [chrisaldrich], [KevinMarks], [schmarty], [snarfed], nickodd, mattl, [LewisCowles], shrysr, gRegorLove, [fluffy], jeremycherfas and [jgmac1106] joined the channel
#
[jgmac1106]
are you overpaying for wordpress.com or using wordpress.org and a shared host?
[LewisCowles], [KevinMarks], nickodd and sknebel_ joined the channel
#
@danielpunkass
I continue to struggle supporting @WordPress customers who have paid extra for the premium business hosting, and ironically have to jump through hoops to authorize XMLRPC connections. I wish they would fix this. https://help.red-sweater.com/marsedit/two-factor-authentication/
(twitter.com/_/status/1274372777110355968)
#
aaronpk
Or at the very least, IndieAuth
#
GWG
IndieAuth for WordPress doesn't need Micropub. It even works for manually issued tokens
#
aaronpk
Would the IndieAuth plugin work with the xmlrpc api?
#
GWG
aaronpk: Honestly don't know.
#
GWG
I should look into that.
#
GWG
I think someone changed XMLRPC to work with a different auth method, but I've never researched it.
#
GWG
aaronpk: Logging in via username and password seems pretty hard-coded.
#
aaronpk
to xmlrpc?
#
aaronpk
it looks like there's a way to use "app passwords" with xmlrpc, not sure exactly how that works
#
GWG
So, you are still handing in a username and password.
#
GWG
Just not your password
#
GWG
I suppose we could plug it to ignore the username and password passed and look for a token.
#
GWG
Hmm...
#
GWG
But you'd still have to pass empty username and password fields
#
[KevinMarks]
Is the password slot big enough to hold a token?
#
GWG
In theory.
#
GWG
That's how they probably did application passwords at some point.
#
GWG
I don't think XML-RPC the spec supports anything other than basic auth
[jeremycherfas], [snarfed], [tw2113], [tantek], [manton], vsasvipul, [LewisCowles] and [fluffy] joined the channel; nickodd left the channel