Api\V1\Engine\Api::isAuthorized PHP Method

isAuthorized() public static method

Default authentication: validates the `email`, `nonce` and `secret` request parameters (read from GET, then POST) against the hash of the user's stored API key.
public static isAuthorized ( ) : boolean
return boolean
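    /**
     * Default authentication for API calls.
     *
     * Reads `email`, `nonce` and `secret` from the GET parameters, falling
     * back to POST for each value that is still empty, then checks that the
     * secret equals BackendAuthentication::getEncryptedString(email . api_key,
     * nonce), where api_key is the user's `api_key` setting. Rejections are
     * emitted through self::output(): NOT_AUTHORIZED when a parameter is
     * missing, FORBIDDEN when the account does not exist, has no API access,
     * has no API key, or the secret does not match.
     *
     * NOTE(review): the nonce is caller-supplied and nothing here records or
     * rejects reused nonces, so on its own this gives no replay protection.
     * Accepting the credentials via GET also means they may end up in server
     * or proxy logs; POST is the safer transport.
     * NOTE(review): the distinct "account does not exist" / "Invalid secret."
     * messages let a caller enumerate valid e-mail addresses; kept as-is since
     * callers may rely on the messages.
     *
     * @return bool True when the request is authenticated; otherwise the
     *              return value of self::output() for the rejection.
     */
    public static function isAuthorized()
    {
        // collect the credentials: GET first, POST for anything still empty
        $credentials = array();
        foreach (array('email', 'nonce', 'secret') as $key) {
            $value = \SpoonFilter::getGetValue($key, null, '');
            if ($value === '' || $value === null) {
                $value = \SpoonFilter::getPostValue($key, null, '');
            }
            $credentials[$key] = $value;
        }
        $email = $credentials['email'];
        $nonce = $credentials['nonce'];
        $secret = $credentials['secret'];

        // all three are required
        if ($email === '' || $nonce === '' || $secret === '') {
            return self::output(self::NOT_AUTHORIZED, array('message' => 'Not authorized.'));
        }

        // look the user up by e-mail address
        try {
            $user = new BackendUser(null, $email);
        } catch (\Exception $e) {
            return self::output(self::FORBIDDEN, array('message' => 'This account does not exist.'));
        }

        // the account must be explicitly allowed to use the API
        $apiAccess = $user->getSetting('api_access', false);
        $apiKey = $user->getSetting('api_key');
        if (!$apiAccess) {
            return self::output(self::FORBIDDEN, array('message' => 'Your account isn\'t allowed to use the API. Contact an administrator.'));
        }

        // An account without an API key must not authenticate: the expected
        // secret would reduce to a hash of the (public) e-mail address and the
        // caller-chosen nonce, which anyone could compute.
        if ($apiKey === null || $apiKey === '') {
            return self::output(self::FORBIDDEN, array('message' => 'Invalid secret.'));
        }

        // expected secret for this nonce
        $hash = BackendAuthentication::getEncryptedString($email . $apiKey, $nonce);

        // Constant-time, strict comparison. The original `!=` was a loose
        // comparison (numeric-looking strings such as "0e..." compare equal
        // as numbers on older PHP) and leaked timing information.
        if (!hash_equals((string) $hash, (string) $secret)) {
            return self::output(self::FORBIDDEN, array('message' => 'Invalid secret.'));
        }

        return true;
    }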

Usage Example

Example #1
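 /**
  * Get a list of all the forms
  *
  * Requires an authenticated API user (BaseAPI::isAuthorized()) and a GET
  * request; when either check fails the method returns null without
  * touching the database. The query is parameterised (offset and limit are
  * bound as placeholders), so nothing from the arguments is interpolated
  * into SQL.
  *
  * @param int $limit  The maximum number of items to retrieve (0..10000).
  * @param int $offset The offset, must be >= 0.
  * @return array|null array('forms' => ...) on success ('forms' is null when
  *                    there are no forms); the return value of
  *                    BaseAPI::output() for a rejected limit/offset; null
  *                    when the request is not authorised or not a GET.
  */
 public static function getAll($limit = 30, $offset = 0)
 {
     if (BaseAPI::isAuthorized() && BaseAPI::isValidRequestMethod('GET')) {
         // coerce to integers before validating or binding
         $limit = (int) $limit;
         $offset = (int) $offset;

         // validate: the database rejects negative LIMIT/OFFSET values, so
         // refuse them here instead of surfacing a database error
         if ($limit < 0 || $offset < 0) {
             return BaseAPI::output(BaseAPI::ERROR, array('message' => 'Limit and offset can\'t be negative.'));
         }
         if ($limit > 10000) {
             return BaseAPI::output(BaseAPI::ERROR, array('message' => 'Limit can\'t be larger than 10000.'));
         }

         // offset and limit are bound parameters, not interpolated
         $forms = (array) BackendModel::getContainer()->get('database')->getRecords('SELECT i.id, i.language, i.name, i.method,
              UNIX_TIMESTAMP(i.created_on) AS created_on,
              UNIX_TIMESTAMP(i.edited_on) AS edited_on
              FROM forms AS i
              ORDER BY i.created_on DESC
              LIMIT ?, ?', array($offset, $limit));

         // 'forms' stays null when no rows were found
         $return = array('forms' => null);
         foreach ($forms as $row) {
             // build a fresh entry per row so nothing leaks between iterations
             $item = array('form' => array(
                 '@attributes' => array(
                     'id' => $row['id'],
                     'created_on' => date('c', $row['created_on']),
                     'language' => $row['language'],
                 ),
                 'name' => $row['name'],
                 'method' => $row['method'],
             ));
             $return['forms'][] = $item;
         }

         return $return;
     }
 }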