API Authentication & Fixed Hidden Content

[FuckingToasters]

As the Title explains, i added API-KEY Authentication to other Endpoints.
I also added a regex which check if text is wrapped inside [hide]some text[/hide] and if so, the api return a custom message that the content is hidden.

It's useful to avoid users using the API to see content they are not supposed to see.

I'm not good in PHP but would still be nice to have something which give the hidden content text if the usergroup is set as hidden content bypass or if the user has unlocked the content.

[Xazin]

I can't accept this PR for multiple reasons.

We shouldn't enforce your use-case upon others, the fact is that you want all endpoints to enforce API key authentication, but it's not the common use case (the one intended by me when creating the plugin).

There should be a setting, eg. multi-select, in the AdminCMS where an admin can configure which endpoints should be authenticated.

Then the authentication check should be moved to a common function that makes sure we don't have the redundancy of having all of the endpoints have the same check and logic.

[FuckingToasters]

I can't accept this PR for multiple reasons.

We shouldn't enforce your use-case upon others, the fact is that you want all endpoints to enforce API key authentication, but it's not the common use case (the one intended by me when creating the plugin).

There should be a setting, eg. multi-select, in the AdminCMS where an admin can configure which endpoints should be authenticated.

Then the authentication check should be moved to a common function that makes sure we don't have the redundancy of having all of the endpoints have the same check and logic.

Check line 63 & line 84 here:
https://github.com/FuckingToasters/mybb_api/blob/master/Upload/api/posts.php#L63

https://github.com/FuckingToasters/mybb_api/blob/master/Upload/api/posts.php#L84

I also don't see an option in the ACP where you can customize which endpoints have key authentication, i thought you forgot to add the auth xD

[Xazin]

I can't accept this PR for multiple reasons.

We shouldn't enforce your use-case upon others, the fact is that you want all endpoints to enforce API key authentication, but it's not the common use case (the one intended by me when creating the plugin).

There should be a setting, eg. multi-select, in the AdminCMS where an admin can configure which endpoints should be authenticated.

Then the authentication check should be moved to a common function that makes sure we don't have the redundancy of having all of the endpoints have the same check and logic.

Check line 63 & line 84 here:
https://github.com/FuckingToasters/mybb_api/blob/master/Upload/api/posts.php#L63

https://github.com/FuckingToasters/mybb_api/blob/master/Upload/api/posts.php#L84

I also don't see an option in the ACP where you can customize which endpoints have key authentication, i thought you forgot to add the auth xD

Yes, as I said, I can't accept your PR until that is implemented alongside it. I was describing the solution, not existing.