API that Manage User Account

mys

I have a forum. Now want to make it more advance forum 🙂

I am thinking of a plugin that provide API access to particular user roles. Using that API, we can create/delete posts with parameters like ?title=foo&content=&tag_id=1 and can do much more things.

Any hope to implement it?

clarkwinkelmann

mys Flarum's built-in REST API is already available to any authenticated user https://docs.flarum.org/rest-api

An upcoming Flarum update will add a UI to make it easier for users to create developer tokens flarum/framework3587 As things stand today, users can already create short-lived tokens using the API itself, or just copy their remember session cookie into a script.

So it seems like what you might need is more likely the opposite, make it more difficult for users who don't have the privilege to use the API. This is difficult, because Flarum is a single page application and the REST API is used by Flarum itself. So there won't be any bullet proof way to block access to the API to any user familiar with Flarum's architecture.

What you could do instead is use the rate limit API of Flarum to change how many requests a given user is allowed to perform. Users with API access could then be given more generous limits.