i finally committed i guess

Signed-off-by: boris <boris@borishub.co.uk>

api/protected.php

@@ -0,0 +1,33 @@
+<?php
+/**
+ * Protected API endpoint example
+ * 
+ * This endpoint demonstrates how to protect an API route using
+ * our simplified authentication approach.
+ */
+
+require_once('../Models/User.php');
+
+// Set content type to JSON
+header('Content-Type: application/json');
+
+// Check if user is authenticated
+$auth = User::checkAuth();
+if (!$auth) {
+    // The checkAuth method already sent the error response
+    exit;
+}
+
+// User is authenticated, proceed with the endpoint logic
+$response = [
+    'status' => 'success',
+    'message' => 'You have access to this protected endpoint',
+    'user' => [
+        'id' => $auth['uid'],
+        'username' => $auth['username'],
+        'accessLevel' => $auth['accessLevel']
+    ]
+];
+
+// Send response
+echo json_encode($response);