Currently, anything can send note requests for any player on the server without authentication. This poses a huge security (and annoyance) risk. There should be some form of authentication to prevent player notes from being accepted from any sender but themself. There are a variety of ways that we could handle this.
1. Grab the IP of the note request's sender and ensure that it is the same as the IP of the player.
   - Con: This method would prevent proxies from being used. Additionally, if the user is connecting on a device using a different IP address than what they're connecting to the server with (e.g. a phone on a cell tower), the IPs won't match either.
   - Pro: No player setup required.
2. Via some command, send the player a unique "token" (password) which they must enter on the web interface (or send with each request) which would then be checked against.
   - Con: Requires player setup.
   - Pro: Virtually foolproof, easy to use and understand, and can work on any device.
Another question is, should authentication even be handled by mcmidi/server, or should it be left up to individual plugins depending on mcmidi to implement authentication themselves?
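As an added illustration of the token option (not code from mcmidi; the `NoteAuth` class, `handle_note_request` and the request shape are assumptions), this sketch issues one token per player from the in-game command, stores only its hash, and makes the server refuse any note request that does not carry the target player's token:

```python
import hashlib
import hmac
import secrets

# Hypothetical token store for mcmidi/server (assumed names, not the project's API).
# Only a hash of each token is kept, so a leaked store yields no usable tokens.
class NoteAuth:
    def __init__(self):
        self._hashes = {}  # player name -> sha256(token)

    def issue_token(self, player):
        """Called by the in-game command; returns the token to show the player once."""
        token = secrets.token_urlsafe(32)
        self._hashes[player] = hashlib.sha256(token.encode()).digest()
        return token

    def revoke(self, player):
        """Drop a player's token, e.g. on logout or on request."""
        self._hashes.pop(player, None)

    def verify(self, player, token):
        """True only if the request carries the token issued to that player."""
        expected = self._hashes.get(player)
        if expected is None or token is None:
            return False
        presented = hashlib.sha256(token.encode()).digest()
        # Constant-time compare so response timing does not leak partial matches.
        return hmac.compare_digest(expected, presented)


def handle_note_request(auth, request):
    """Accept a note only if the sender authenticated as the target player."""
    player = request.get("player")
    if not auth.verify(player, request.get("token")):
        return {"accepted": False, "reason": "unauthenticated"}
    return {"accepted": True, "player": player, "note": request["note"]}


if __name__ == "__main__":
    auth = NoteAuth()
    tok = auth.issue_token("alice")  # constructed sample player
    # Request without a token is refused; the same request with the token is accepted.
    print(handle_note_request(auth, {"player": "alice", "note": 60}))
    print(handle_note_request(auth, {"player": "alice", "token": tok, "note": 60}))
```

Because the check keys on the target player rather than on the sender's address, it works unchanged through proxies and from a phone on a different network.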
IP address matching is a no-go. Use a token. mcmidi/server should handle it; leaving each listener to re-roll authentication sucks and breaches the note event API.