Update Kirby and add password guard

private/kirby/config/api/authentication.php

@@ -1,24 +1,27 @@
 <?php
 
-use Kirby\Exception\PermissionException;
+use Kirby\Exception\AuthException;
 
 return function () {
-    $auth               = $this->kirby()->auth();
-    $allowImpersonation = $this->kirby()->option('api.allowImpersonation') ?? false;
+	$auth               = $this->kirby()->auth();
+	$allowImpersonation = $this->kirby()->option('api.allowImpersonation') ?? false;
 
-    // csrf token check
-    if ($auth->type($allowImpersonation) === 'session' && $auth->csrf() === false) {
-        throw new PermissionException('Unauthenticated');
-    }
+	// csrf token check
+	if (
+		$auth->type($allowImpersonation) === 'session' &&
+		$auth->csrf() === false
+	) {
+		throw new AuthException(message: 'Unauthenticated');
+	}
 
-    // get user from session or basic auth
-    if ($user = $auth->user(null, $allowImpersonation)) {
-        if ($user->role()->permissions()->for('access', 'panel') === false) {
-            throw new PermissionException(['key' => 'access.panel']);
-        }
+	// get user from session or basic auth
+	if ($user = $auth->user(null, $allowImpersonation)) {
+		if ($user->role()->permissions()->for('access', 'panel') === false) {
+			throw new AuthException(key: 'access.panel');
+		}
 
-        return $user;
-    }
+		return $user;
+	}
 
-    throw new PermissionException('Unauthenticated');
+	throw new AuthException(message: 'Unauthenticated');
 };