Added API key authentication alternative. #12

Open
gassan wants to merge 1 commit into PeterBooker:main from TeDo-Verlag:api-key-auth

@gassan
Contributor

gassan commented Nov 7, 2025

For those who have wpackagist-plugin/jwt-authentication-for-wp-rest-api installed, Bearer token authentication is problematic, because the plugin intercepts the token and tries to authenticate the user automatically.

To make it work, you need to:

  1. Create an unprivileged user.
  2. Use add_filter to increase the token TTL.
  3. Log them in.
  4. Store a long-lived token for this user.

Authentication via a specific header simplifies things a lot.

In this same commit, I pass the settings into a <script> before the settings page <div>. This saves a request. If, for some reason, the data is missing, an AJAX request will be sent (old method).

Added a dynamic Prometheus job-config example to the bottom of the settings page.

@gassan
Contributor Author

gassan commented Nov 7, 2025

Added "Copy config" ClipboardButton.

gassan force-pushed the api-key-auth branch 2 times, most recently from d11e7b4 to 8623949 November 7, 2025 11:11

@gassan
Contributor Author

gassan commented Nov 7, 2025

Added 'permission_callback's to avoid 'doing_wrong' notice:
The REST API route definition for %1$s is missing the required %2$s argument. For REST API routes that are intended to be public, use %3$s as the permission callback.

@PeterBooker
Owner

There is a lot of good work here @gassan, thank you.

Ideally I would like to keep the auth simple, so I think perhaps I would like to make a breaking change to the plugin which changes the authentication to avoid standard auth methods (like bearer tokens) and uses a fixed header like X-PromPress. However, I need some time to think about this, as it might be safer to stick with standard WordPress REST API authentication.

I need a little time to consider this change and work out the best route.

@gassan
Contributor Author

gassan commented Nov 25, 2025

Just to be clear, this method is not a replacement for the old one with the bearer token — it’s an addition. Everything old will continue to work as before.
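
One way a header-based key check can sit in a `permission_callback` next to standard WordPress authentication, as an added example that is not code from this pull request or from the plugin. The route namespace, option name, header name, capability and minimum key length are all assumptions made for illustration.

```php
<?php
// Added illustration; not code from this pull request.
// Hypothetical names: namespace 'example-metrics/v1', option
// 'example_metrics_api_key', header 'X-Example-Metrics-Key'.

add_action( 'rest_api_init', function () {
	register_rest_route( 'example-metrics/v1', '/metrics', array(
		'methods'             => 'GET',
		'callback'            => 'example_metrics_render',
		// Always set explicitly; omitting it triggers the notice quoted above.
		'permission_callback' => 'example_metrics_can_scrape',
	) );
} );

function example_metrics_can_scrape( WP_REST_Request $request ) {
	// Path 1: standard WordPress REST authentication already resolved a
	// user. The required capability is an assumption for this example.
	if ( current_user_can( 'manage_options' ) ) {
		return true;
	}

	// Path 2: a dedicated header carrying a shared secret. A header that
	// is not "Authorization" is not consumed by bearer-token plugins.
	$stored   = (string) get_option( 'example_metrics_api_key', '' );
	$supplied = (string) $request->get_header( 'X-Example-Metrics-Key' );

	// An unset or short stored key must never authenticate anyone.
	if ( strlen( $stored ) < 32 || '' === $supplied ) {
		return new WP_Error( 'rest_forbidden', 'Authentication required.', array( 'status' => 401 ) );
	}

	// hash_equals() compares in constant time, so response timing does
	// not reveal how many leading characters of the key matched.
	if ( ! hash_equals( $stored, $supplied ) ) {
		return new WP_Error( 'rest_forbidden', 'Invalid API key.', array( 'status' => 403 ) );
	}
	return true;
}

function example_metrics_render() {
	// Placeholder response; a real exporter would emit its metrics here.
	return new WP_REST_Response( array( 'ok' => true ) );
}
```

The stored key should come from a CSPRNG (for example `wp_generate_password( 64, false )`) and be sent only over HTTPS, since a static header value is replayable by anyone who observes it.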
