I'm writing a plugin that expose a custom resource via WordPress API's. Now the resource is public so anyone knows the API's endpoint can get the resource but I would to secure it, what's the best practice with WordPress?
I was thinking to JWT but I don't want to use third party plugins, maybe is it possible to use a library found on packagist and installed with Composer? I never did it with a WordPress plugin...
