Open sterrenb opened 4 years ago
Thanks for making an issue on my behalf!
I think the ideal solution would be to maintain the UX you already have with the "Require API token for authenticated requests" checkbox.
If the user has left that unticked, then the requests are the same, including a blank query parameter for auth
. If the user has ticked the box, then use auth
parameter is whatever they put in the textbox.
Does that make any sense?
Interesting...here's what I got.
So it seems like it returns just the plaintext not authorized wih the 'wrong' API key. Perhaps its due to the space escaping..however having no spaces at all:
http://pi.hole/admin/api.php?enable&auth=Nopasswordset
it also returns the sameNot authorized
string.Weird how you just get [].
For reference this is Pi-Hole v5:
$ pihole version Pi-hole version is v5.0 (Latest: v5.0) AdminLTE version is v5.0 (Latest: v5.0) FTL version is v5.0 (Latest: v5.0)