If OpenNab is ever going to be used in a "public server" as an alternative to Violet, then we need to able to have "public APIs" (e.g. I want my MAC to be public and anyone may send me an mp3) versus "private APIs" ( I don't want anyone to be able to reboot my buny; only I should be able to do it by using a password)
This is more an Apache configuration issue, but It's harder to do if everyting is invoked as api.php.
So "unsafe" operations should maybe be moved to a different entry point (secured_api.php?)
Log in to post a comment.