Adding security to add-on

I've created an add-on so I can post to my blog from phone and I've just realized it has no security at all, w which means anyone could have posted to my blog! (I've taken it down now of course).

Options (if there are others, please let me know):

  1. send Statamic user account in URL request (I use HTTPS but if others don't then it's in plaintext)
  2. use authorization token in the add-on config file

Are there other options? I don't have the ability to set Headers or anything in the HTTP request.

Answered by Erin Dalzell!
>>>>>>> Answered <<<<<<<
5 Replies