Update
- Now you can limit the access to an API as follows
Also, you can enter
0 for unlimited.
The API System also supports
Banned IPs from the Admin CP, as it includes the default global.php file
So you can ban an IP, although I will explain why that's not good, instead you shouldn't give an API key to a customer if you're gonna ban his IP.
Example of the system :
Calling the
online API, which provides you with the online users. With the following headers :
-
apikey : A valid API key produced by the system
-
output : json
will produce the following output :
{
"users": [
{
"sid": "4a389f6a6cfd12b41c252b77aaf31c61",
"ip": "::1",
"uid": "1",
"time": "1408572009",
"location": "\/online?",
"username": "admin",
"nopermission": "0",
"invisible": "0",
"usergroup": "4",
"displaygroup": "0",
"activity": {
"activity": "unknown",
"location": "\/online?"
},
"display": "<span style=\"color: green;\"><strong><em>admin<\/em><\/strong><\/span>"
}
],
"guests": [],
"count": "1",
"wolcutoffmins": "15",
"mostonline": {
"numusers": 2,
"time": 1408543064
}
}
For each user, I added a
display field, to make it easy to reproduce the same output as the one in the forums
the
count field is the number of total users online.
wolcutoffmins is a settings entry, and corresponds to the number of minutes MyBB uses to consider a session still active. Other fields can be discussed, if you think we shouldn't return the IP Address of each user as a result of the API, well, the user would have visited the customer's website anyway, the customer wouldn't need to call our API to get the user's IP.
Of course I'm not reinventing the wheel, I try to reuse a maximum of already-coded functions to produce these results.
API URLs are now in the following form :
http://forum-url.tld/api.php/online/path...parameters
Also, an API can throw an exception, which is handled in a very nice way, I will detail all that later on