Authentication for WPGraphQL using JWT (JSON Web Tokens)

Overview

Logo

WPGraphQL JWT Authentication

Build Status Coverage Status

This plugin extends the WPGraphQL plugin to provide authentication using JWT (JSON Web Tokens)

JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.

This plugin was initially based off the wp-api-jwt-auth plugin by Enrique Chavez (https://github.com/Tmeister), but modified (almost completely) for use with the WPGraphQL plugin.

Install, Activate & Setup

You can install and activate the plugin like any WordPress plugin. Download the .zip from Github and add to your plugins directory, then activate.

JWT uses a Secret defined on the server to validate the signing of tokens.

It's recommended that you use something like the WordPress Salt generator (https://api.wordpress.org/secret-key/1.1/salt/) to generate a Secret.

You can define a Secret like so:

define( 'GRAPHQL_JWT_AUTH_SECRET_KEY', 'your-secret-token' );

Or you can use the filter graphql_jwt_auth_secret_key to set a Secret like so:

add_filter( 'graphql_jwt_auth_secret_key', function() {
  return 'your-secret-token';
});

This secret is used in the encoding and decoding of the JWT token. If the Secret were ever changed on the server, ALL tokens that were generated with the previous Secret would become invalid. So, if you wanted to invalidate all user tokens, you can change the Secret on the server and all previously issued tokens would become invalid and require users to re-authenticate.

HTTP_AUTHORIZATION

In order to use this plugin, your WordPress environment must support the HTTP_AUTHORIZATION header. In some cases, this header is not passed to WordPress because of some server configurations.

Depending on your particular environment, you may have to research how to enable these headers, but in Apache, you can do the following in your .htaccess:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

For NGINX, this may work: https://serverfault.com/questions/511206/nginx-forward-http-auth-user#answer-511612

How the plugin Works

Login User

This plugin adds a new login mutation to the WPGraphQL Schema.

This can be used like so:

Input-Type: LoginUserInput!

mutation LoginUser {
  login( input: {
    clientMutationId: "uniqueId",
    username: "your_login",
    password: "your password"
  } ) {
    authToken
    user {
      id
      name
    }
  }
}

The authToken that is received in response to the login mutation can then be stored in local storage (or similar) and used in subsequent requests as an HTTP Authorization header to Authenticate the user prior to execution of the GraphQL request.

Register User

Input-Type: RegisterUserInput!

mutation RegisterUser {
  registerUser(
    input: {
        clientMutationId: "uniqueId",
        username: "your_username",
        password: "your_password",
        email: "your_email"
    }) {
    user {
      jwtAuthToken
      jwtRefreshToken
    }
  }
}

Refresh Auth Token

Input-Type: RefreshJwtAuthTokenInput!

mutation RefreshAuthToken {
  refreshJwtAuthToken(
    input: {
      clientMutationId: "uniqueId"
      jwtRefreshToken: "your_refresh_token",
  }) {
    authToken
  }
}

Filters

The plugin offers some filters to hook into.

Change Auth Token expiration

Note: For security, we highly recommend, that the Auth Token is short lived. So do not set this higher than 300 seconds unless you know what you are doing.

function custom_jwt_expiration( $expiration ) {
    return 60;
}

add_filter('graphql_jwt_auth_expire', 'custom_jwt_expiration', 10);
  • Argument: Expiration in seconds
  • Default: 300

Example using GraphiQL

Example using GraphiQL

Comments
  • Invalid or expired JWT tokens should prevent request from being serviced

    Invalid or expired JWT tokens should prevent request from being serviced

    Currently, the JWT plugin returns a 403 status when an invalid or expired JWT token is sent in the Authorization header, but it does not stop processing the request. I think this is logically and semantically incorrect, and that no processing of the request should take place.

    The current approach prevents a retry handler being used on the client side to refresh a token and re-attempt the query without deep understanding of every query or mutation that was executed, because the query or mutation may not fail, but may fail to return the expected data (for example, a customer's orders) or fail to execute the mutation in the way intended (for example, creating an anonymous comment vs a comment from an authenticated user).

    Aborting the request all together is, IMHO, the path of least surprise. It allows a quick recovery when a token has expired (reducing round trip time because less processing has to be done on the 403 response), and the client is not left trying to figure out what did work, what didn't work and what had an unintended side effect.

    WP REST has the [rest_authentication_errors](https://developer.wordpress.org/reference/hooks/rest_authentication_errors/) hook that authentication plugins can return a WP_Error with that will stop processing. I think that this is a good pattern to follow.

    Other GraphQL implementations fail without processing the request on invalid/expired authentication credentials. Some examples: Postgraphile, Prisma

    opened by mlipscombe 12
  • trying test expired token

    trying test expired token

    I'm trying testing expired token test via postman after login, I'm waiting for 5 minutes, for testing token expired but get a response like this one

    {
        "errors": [
            {
                "debugMessage": "invalid-jwt | The iss do not match with this server",
                "message": "Internal server error",
                "extensions": {
                    "category": "internal"
                },
                "locations": [
                    {
                        "line": 2,
                        "column": 3
                    }
                ],
                "path": [
                    "generalSettings"
                ]
            }
        ],
        "data": {
            "generalSettings": null
        }
    }
    

    is there anything I'm missing for setup?

    question 
    opened by haromy 11
  • Plugin Not working

    Plugin Not working

    Hi. I downloaded and activated this plugin, yet nothing changed. It added a login endpoint to graphql, but all admin requests, without or without a bearer header, return an empty array for nodes, just like before the plugin. I know headers on my site are working because I was using the rest api with headers before. From what I gather, it should throw an error if the header is missing but I can query orders, and the nodes are just empty no matter if there is a valid header or not. Im not sure how I can provide further info. The site is khemlanimart.com and I followed Readme instructions.

    opened by vikramkh 8
  • "Cookie nonce is invalid" error from Login Mutation

    Hi, I am using the login mutation in GraphiQL like this:

      login(input: $input) {
        authToken
        user {
          id
          name
          userId
          nicename
        }
        customer {
          customerId
          id
          firstName
        }
      }
    }
    

    I can only log in the admin. With every other user, I get the following error:

    {
      "errors": [
        {
          "debugMessage": "Cookie nonce is invalid",
          "message": "Internal server error",
          "category": "internal"
        }
      ]
    }
    

    Help yould be greatly appreciated. Thanks for the great work!

    opened by jbloth 8
  • Token validation fails

    Token validation fails

    When get_secret_key() gets called at line 557 of Auth.php, the function doesn't find GRAPHQL_JWT_AUTH_SECRET_KEY nor the filter graphql_jwt_auth_secret_key, so we end up with a NULL value.

    Also, I think ! empty( GRAPHQL_JWT_AUTH_SECRET_KEY ) will always return true even if it's not defined, just like happens in the case above.

    opened by videomugre 7
  • "Internal server error" in login mutation after upgrading to wp-graphql v 0.3

    I am getting "Internal server error" in login mutation after upgrading to wp-graphql v 0.3.

    Is it coming from 'user' => DataSource::resolve_user( $user->data->ID )?

    My mutation

    mutation loginAndGetTokenAndUser($username: String!, $password: String!) {
      login(
        input: {
          clientMutationId: "gonzo"
          username: $username
          password: $password
        }
      ) {
        authToken
        refreshToken
        user {
          id
          userId
        }
      }
    }
    

    The error

    {
      "errors": [
        {
          "message": "Internal server error",
          "category": "internal",
          "locations": [
            {
              "line": 2,
              "column": 3
            }
          ],
          "path": [
            "login"
          ]
        }
      ],
      "data": {
        "login": null
      }
    }
    
    opened by szvest 7
  • Require issues when hitting 'Activate Plugin'

    Require issues when hitting 'Activate Plugin'

    After hitting activate plugin... I receive the following error.

    Warning: require(/var/www/html/wp-content/plugins/wp-graphql-jwt-authentication/vendor/composer/../symfony/polyfill-mbstring/bootstrap.php): failed to open stream: No such file or directory in /var/www/html/wp-content/plugins/wp-graphql-jwt-authentication/vendor/composer/autoload_real.php on line 66

    Fatal error: require(): Failed opening required '/var/www/html/wp-content/plugins/wp-graphql-jwt-authentication/vendor/composer/../symfony/polyfill-mbstring/bootstrap.php' (include_path='.:/usr/local/lib/php') in /var/www/html/wp-content/plugins/wp-graphql-jwt-authentication/vendor/composer/autoload_real.php on line 66

    opened by michaelcuneo 7
  • Not authorized to access this customer

    Not authorized to access this customer

    Hi

    I'm trying to figure out how this plugin with React-Native. I believe I set it all right and I believe this has something to do with authorization. Appreciate if you guys can point me to the right direction on how to get it right with this query

    query CustomerQuery($id: ID!) {
      customer(id: $id) {
        billing {
          address1
          address2
          city
          postcode
          state
          country
          phone
        }
      }
    }
    

    and here is how I set up the apollo client (apollo.ts)

    import { ApolloClient, HttpLink, InMemoryCache, ApolloLink } from '@apollo/client';
    import { asyncMap } from "@apollo/client/utilities";
    
    import GRAPHQL_API_URL from './constants/Api';
    import { getUserInfo, getToken, removeUserInfo, storeUserInfo } from './Utils'
    
    // https://github.com/imranhsayed/woo-next/blob/master/components/ApolloClient.js
    export const afterware = new ApolloLink((operation, forward) => {
      return asyncMap(forward(operation), async (response) => {
        const context = operation.getContext();
        const { response: { headers } } = context;
        const session = headers.get("woocommerce-session");
        const token = await getToken();
    
        if (session) {
          if ("false" === session) {
            console.log('invalid session', session)
            // await removeUserInfo();
          } else if (token !== session) {
            const userInfo = await getUserInfo();
            const updatedUserInfo = {
              ...userInfo,
              wooCommerceSession: headers.get("woocommerce-session")
            };
            storeUserInfo(updatedUserInfo);
          }
        }
        return response;
      });
    });
    
    const authMiddleware = new ApolloLink((operation, forward) => {
      return asyncMap(forward(operation), async (response) => {
        const token = await getToken();
        console.log('token for apollo', token);
        response.headers = {
          'Authorization': `Bearer ${token}`,
          // 'woocommerce-session': 'Session'
        };
        return response
      });
    })
    
    const httpLink = new HttpLink({
      uri: GRAPHQL_API_URL,
    });
    
    export const apolloClient = new ApolloClient({
      link: authMiddleware.concat(afterware.concat(httpLink)),
      cache: new InMemoryCache(),
    });
    
    opened by muhaimincs 6
  • fix(response headers): replace single header instead of overwriting them all

    fix(response headers): replace single header instead of overwriting them all

    updated to call the 'header' instead of 'set_headers' method when writing response headers to avoid overwriting all the headers such as X-WP-Total and X-WP-TotalPages which are necessary for different plugins and pieces of Wordpress to work properly

    opened by tsmith-rv 6
  • Error! Network error: Response not successful: Received status code 403

    Error! Network error: Response not successful: Received status code 403

    I am running the latest version of the plugin on the latest wordpress. With the plugin I am able to login a user and get an auth token. I'm facing a few issues

    1. When I go to activate protected api I get the following error in my react application: Error! Network error: Response not successful: Received status code 403 Not even the login route would work anymore. How do you restrict all content in wpgraphql and allow only queryies and mutations like forgot password, login, register etc. Right now this plugin just kicks everyone out. Another strange thing is that despite this, the data is still beign returned to the console.

    2. On the topic of securing routes,..I used this example: https://www.wpgraphql.com/2019/01/30/preventing-unauthenticated-requests-to-your-wpgraphql-api/ but it also does not get_current_user_id() when the user has logged in so please help

    opened by webface 6
  • Expiry setting

    Expiry setting

    How long do tokens last until they expire? I see for the rest api JWT plugin there's a filter to increase the time before expiry. Does this plugin have something similar?

    Thanks!

    opened by TylerBarnes 6
  • "Internal server error" without a `reason` when token expires

    Hi guys,

    I am receiving an Internal server error when the token expires without any other useful message that helps me identify the error's cause.

    E.g: image

    However, if I enable the "Enable GraphQL Debug Mode", it returns the cause (invalid-jwt) of the issue but there is a warning on that option not to allow that on the production environment. Screenshot: image

    The status code is always 200 for both cases.

    Is there anything I can do to receive the error on the production environment when sending an expired token?

    opened by ltroya-as 1
  • The field \

    The field \"RootMutation.login\" cannot be accessed without authentication.

    Hi everybody, I'm trying to access the endpoint through the official WPGraphQL Plugin from the WP Plugin Library. The plugin features the option to disable all requests, except authorized ones: Bildschirmfoto 2022-10-06 um 17 31 43

    In order to use this feature I installed this plugin wp-graphql-jwt-authentication. But with the option from above activated it doesn't allow access to the login field anymore: The field \"RootMutation.login\" cannot be accessed without authentication.

    How should I deal with this? I know the plugin works, for example querying users only works with authentication through this JWT plugin. But I want to restrict access to every endpoint, including Pages, Posts, etc., except for the Authentication Enpoint. How can I achieve this, if this plugin doesn't work with the option from WPGraphQL? Thanks for any ideas! Cheers!

    opened by rotkohlsuppe 3
  • applying filter for graphql_require_authentication_allowed_fields this not working

    applying filter for graphql_require_authentication_allowed_fields this not working

    I have applied filter for this "graphql_require_authentication_allowed_fields". It's from the official documentation for allowing login field from the authentication. But it's not working.

    `add_action( 'do_graphql_request', 'force_graphql_api_authentication', 10, 1 );
    
    function force_graphql_api_authentication( $query ) {
    if ( ! defined( 'GRAPHQL_HTTP_REQUEST' ) || true !== GRAPHQL_HTTP_REQUEST ) {
        return;
    }
    
    $introspection_query = \GraphQL\Type\Introspection::getIntrospectionQuery();
    $is_introspection_query = trim($query) === trim($introspection_query);
    
    if ( $is_introspection_query ) {
        return;
    }
    
    if ( ! get_current_user_id() ) {
        throw new \GraphQL\Error\UserError( __( 'You do not have permission to access the API', 'preachitgwl' ) );
    }
    }
    
    add_filter(
    'graphql_require_authentication_allowed_fields',
    function( $allowed ) {
        $allowed[] = 'login';
        return $allowed;
    }, 10, 1 );`
    
    opened by tareq0065 0
  • "invalid-secret-key | Algorithm not allowed" with WPGatsby plugin

    This happens only when WPGatsby plugin in installed on wordpress

    wp-graphql-jwt-authentication / release-v0.5.2

    Ran into this issue after trying to fetch Gql data using authToken.

    File to edit: \wp-content\plugins\wp-graphql-jwt-authentication-release-v0.5.2\src\Auth.ph

    Screenshot 2022-06-17 135004

    Screenshot 2022-06-17 135142

    This change fixed it , Now I can fetch data from Gql

    Screenshot 2022-06-17 135328

    try { $token = ! empty( $token ) ? JWT::decode( $token, self::get_secret_key(),array_keys(JWT::$supported_algs) ) : null; } catch ( Exception $exception ) { $token = new \WP_Error( 'invalid-secret-key', $exception->getMessage() ); }

    tried passing in array('HS256') or ['HS256'] didnt work. idk why!!...

    P.S. did break my head for a day .... Hope it helps someone.. #notaprogrammer

    Feel free to optimize this code!!

    opened by Joelgeorgelive 3
  • Breaks IndieAuth authorization flow

    Breaks IndieAuth authorization flow

    Probably a bit niche, but this bit of code (https://github.com/wp-graphql/wp-graphql-jwt-authentication/blob/develop/src/ManageTokens.php#L345) somehow removes the Location header off of certain IndieAuth responses.

    Well, this one response right here: https://github.com/indieweb/wordpress-indieauth/blob/trunk/includes/class-indieauth-authorization-endpoint.php#L273

    Now, I can't say I fully understand what's going on, but that Location header "just works" again if in src/ManageTokens.php I comment out the $response->set_headers() call on line 345-355.

    (Was somehow hoping that merely adding a second ("override") parameter equal to false to the $response->set_headers() call would get it to leave existing headers alone, but that doesn't seem to do much at all.)

    I also noticed how just above it says, "The Access-Control-Expose-Headers aren't directly filterable for REST API responses, so this overrides them altogether."

    I'm wondering if that's the case, still, as WP core seems to now set these as follows (since WP5.5, in wp-includes/rest-api/class-wp-rest-server.php):

    $expose_headers = apply_filters( 'rest_exposed_cors_headers', $expose_headers );
    $this->send_header( 'Access-Control-Expose-Headers', implode( ', ', $expose_headers ) );
    

    Again, not 100% sure, but it looks like rest_exposed_cors_headers might be the filter you're looking for here. Seems it would allow one to just tack on the X-JWT-Refresh header.

    opened by janboddez 0
Releases(v0.6.0)
  • v0.6.0(Oct 25, 2022)

    Release Notes

    fix: fixes a bug where all headers were being replaced instead of adding headers. Thanks, and happy anniversary @tsmith-rv. feat: When the GRAPHQL_JWT_AUTH_SET_COOKIES constant is set to true, WordPress will set the cookies upon successful authentication with JWT Auth. Thanks @henrikwirth!

    New Contributors

    • @tsmith-rv made their first contribution in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/118

    Full Changelog: https://github.com/wp-graphql/wp-graphql-jwt-authentication/compare/v0.5.2...v0.6.0

    Source code(tar.gz)
    Source code(zip)
  • v0.5.2(May 16, 2022)

    What's Changed

    • Remove codecept_debug which causes internal server error by @paolospag in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/159
    • Release/v0.5.2 by @jasonbahl in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/161

    New Contributors

    • @paolospag made their first contribution in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/159

    Full Changelog: https://github.com/wp-graphql/wp-graphql-jwt-authentication/compare/v0.5.1...v0.5.2

    Source code(tar.gz)
    Source code(zip)
  • v0.5.1(Apr 22, 2022)

    What's Changed

    • Build with composer --no-dev by @markkelnar in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/155
    • Release/v0.5.1 by @jasonbahl in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/156

    New Contributors

    • @markkelnar made their first contribution in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/155

    Full Changelog: https://github.com/wp-graphql/wp-graphql-jwt-authentication/compare/v0.5.0...v0.5.1

    Source code(tar.gz)
    Source code(zip)
  • v0.5.0(Apr 15, 2022)

    What's Changed

    • Set a 400+ status when throwing WP_Errors by @pcraciunoiu in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/137
    • Allow multiple iss domains by @fjobeir in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/141
    • Added the action graphql_jwt_auth_before_authenticate and the filter … by @spiralni in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/135
    • Fix incorrect error message on invalid secret by @markspolakovs in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/126
    • Release v0.5.0 by @jasonbahl in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/153

    New Contributors

    • @pcraciunoiu made their first contribution in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/137
    • @fjobeir made their first contribution in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/141
    • @spiralni made their first contribution in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/135
    • @markspolakovs made their first contribution in https://github.com/wp-graphql/wp-graphql-jwt-authentication/pull/126

    Full Changelog: https://github.com/wp-graphql/wp-graphql-jwt-authentication/compare/v0.4.1...v0.5.0

    Source code(tar.gz)
    Source code(zip)
  • v0.4.1(May 4, 2020)

    Release Notes

    Breaking changes

    • Potential breaking change. The filter graphql_jwt_auth_expire has been fixed to take the filtered value and add it to the issue date. So, you can use the filter, return a value of 600 and that will add 600 seconds to the issue date, and your token will expire 10 minutes after issue. If you were using this filter already, and were doing this math yourself, you should update to just return the number of seconds after issue you would like the token to expire.

    Bugfixes

    • Fixes (and adds documentation for) graphql_jwt_auth_expire filter. Thanks @henrikwirth!

    New Features

    • Updates underlying Firebase\JWT dependency. Thanks @efoken!
    • Ensures users cannot use the plugin without first defining the GRAPHQL_JWT_AUTH_SECRET_KEY
    Source code(tar.gz)
    Source code(zip)
  • v0.4.0(Feb 20, 2020)

    Release Notes

    Breaking Changes

    From a GraphQL Consumer perspective there shouldn't be any breaking changes. The shape of queries and mutations remain the same in this release.

    Some internal functions were modified, so for plugins that extend this (i.e. WPGraphQL for WooCommerce) it's best to check your use of internal functions for how changes may affect your code.

    If anything, this should fix things that previously broke when updating to WPGraphQL v0.5.0/v0.6.0 support.

    New Features

    • Removed /tests/_output directory from being versioned and added it to .gitignore
    • Updates to README.md to show more mutations. Thanks @henrikwirth!

    Bugfixes

    • Prevent execution of GraphQL Queries when an invalid token is passed through Authorization headers. If a Token is bad, the entire request should halt execution and let the requestor have a chance to try again with a proper token. Fixes #38 and #21
    • Fixes some regression issues with WPGraphQL v0.6.0 (fixes #69)
    Source code(tar.gz)
    Source code(zip)
  • v0.3.5(Jan 29, 2020)

    Release Notes

    Bugfix

    • This fixes a regression from the v0.3.4 release where the ManageTokens.php file was attempting to execute a method from WPGraphQL that has been deprecated and removed.
    Source code(tar.gz)
    Source code(zip)
  • v0.3.4(Jan 21, 2020)

    Release Notes

    • update Coveralls.yml
    • update Travis.yml
    • update to README.md
    • update to bin/install-wp-tests.sh
    • update composer.json
    • update phpcs.ruleset.xml
    • pass id through with the login resolver to allow added fields to have access to the id
    • convert fields to use register_graphql_fields API instead of filtering the WPObjectType directly
    • add new graphql_jwt_user_types filter
    • update field definitions to not rely on Types:: static methods which was deprecated by WPGraphQL in v0.6.0
    Source code(tar.gz)
    Source code(zip)
  • v0.3.3(Oct 18, 2019)

    Release Summary

    • Updates the registration of the login mutation to use regsiter_graphql_mutation so that the mutation payload can be filtered for additional output fields.
    • Fixes issues with the test environment
    Source code(tar.gz)
    Source code(zip)
  • V0.3.2(May 18, 2019)

  • v0.3.1(Mar 30, 2018)

  • v0.2.1(Nov 4, 2017)

Owner
WPGraphQL
An Open Source WordPress plugin that enables a GraphQL API for WordPress sites
WPGraphQL
Send emails via mutation using WpGraphQl

WPGraphQL Send Email Plugin One of the simple things about a traditional WordPress sites is sending emails, this plugin makes it easy to do this via a

Ashley Hitchcock 18 Aug 21, 2022
Enable query locking for WPGraphQL by implementing persisted GraphQL queries.

?? WP GraphQL Lock This plugin enables query locking for WPGraphQL by implementing persisted GraphQL queries. Persisted GraphQL queries allow a GraphQ

Valu Digital 21 Oct 9, 2022
[ALPHA] Implementation of persisted queries for WPGraphQL

WPGraphQL Persisted Queries Persisted GraphQL queries allow a GraphQL client to optimistically send a hash of the query instead of the full query; if

Quartz 18 Jun 20, 2022
An WPGraphQL extension that adds SearchWP's query functionality to the GraphQL server

QL Search What is QL Search? An extension that integrates SearchWP into WPGraphQL. Quick Install Install & activate SearchWP v3.1.9+ Install & activat

Funkhaus 11 May 5, 2022
Structured content blocks for WPGraphQL

WPGraphQL Content Blocks (Structured Content) This WPGraphQL plugin returns a WordPress post’s content as a shallow tree of blocks and allows for some

Quartz 72 Oct 3, 2022
WPGraphQL Polylang Extension for WordPress

WPGraphQL Polylang Extension Extend WPGraphQL schema with language data from the Polylang plugin. Features For posts and terms (custom ones too!) Adds

Valu Digital 102 Dec 29, 2022
a wordpress plugin that improves wpgraphql usage together with wpml

WPGraphQL WPML Extension Contributors: rburgst Stable tag: 1.0.6 Tested up to: 5.6.1 Requires at least: 4.9 Requires PHP: 7.0 Requires WPGraphQL: 0.8.

null 42 Dec 15, 2022
WPGraphQL for Advanced Custom Fields

WPGraphQL for Advanced Custom Fields WPGraphQL for Advanced Custom Fields automatically exposes your ACF fields to the WPGraphQL Schema. Install and A

WPGraphQL 558 Jan 8, 2023
Wordpress wrapper to expose Carbon Fields to WpGraphQL queries.

WpGraphQLCrb A Wordpress wrapper to expose Carbon Fields to WpGraphQL queries. Important This is just the first version. There is a lot of work to be

Matheus Paiva 16 Aug 19, 2022
Adds Settings to the Custom Post Type UI plugin to show Post Types in WPGraphQL

DEPRECATION NOTICE ?? Custom Post Type UI v1.9.0 introduced formal support for WPGraphQL!!! ?? With that, this plugin is being deprecated and will no

WPGraphQL 77 Aug 3, 2022
WPGraphQL FacetWP integration plguin

WPGraphQL-FacetWP: WPGraphQL provider for FacetWP Quick Install Download and install like any WordPress plugin. Documentation The WPGraphQL documentat

null 31 Dec 11, 2022
WPGraphQL for Meta Box

WPGraphQL-MetaBox: WPGraphQL provider for Meta Box Quick Install Download and install like any WordPress plugin. Documentation The WPGraphQL documenta

null 25 Aug 8, 2022
This is an extension to the WPGraphQL plugin for Yoast SEO

WPGraphQl Yoast SEO Plugin Please note version 14 of the Yoast Plugin is a major update. If you are stuck on version of Yoast before V14 then use v3 o

Ashley Hitchcock 197 Dec 26, 2022
Add WooCommerce support and functionality to your WPGraphQL server

WPGraphQL WooCommerce (WooGraphQL) Docs • AxisTaylor • Join Slack Quick Install Install & activate WooCommerce Install & activate WPGraphQL Download t

WPGraphQL 546 Jan 2, 2023
Generates a list of WordPress actions and filters from code and outputs them as JSON

wp-hooks-generator Generates a JSON representation of the WordPress actions and filters in your code. Can be used with WordPress plugins, themes, and

John Blackbourn 62 Nov 18, 2022
🚀WordPress Plugin Boilerplate using modern web techs like TypeScript, SASS, and so on... on top of a local development environment with Docker and predefined GitLab CI for continous integration and deployment!

WP React Starter: WordPress React Boilerplate DEPRECATED: WP React Starter was a "research project" of devowl.io for the development of our WordPress

devowl.io GmbH 344 Jan 1, 2023
A custom WordPress nav walker class to fully implement the Twitter Bootstrap 4.0+ navigation style (v3-branch available for Bootstrap 3) in a custom theme using the WordPress built in menu manager.

WP Bootstrap Navwalker This code in the main repo branch is undergoing a big shakeup to bring it in line with recent standards and to merge and test t

WP Bootstrap 3.3k Jan 5, 2023
Adds `tax_query` support to postObject connection queries using WP_Query

WPGraphQL Tax Query This plugin adds Tax_Query support to the WP GraphQL Plugin for postObject query args (WP_Query). Pre-req's Using this plugin requ

WPGraphQL 39 Dec 2, 2022
Easy handle APlayer on WordPress. A shortcode for WordPress to using APlayer.

Description Easy handle APlayer on WordPress. A shortcode for WordPress to using APlayer. Support [audio] tag, compatible with AMP. Requirement WordPr

Karl Chen 24 Nov 3, 2022