Use BasicAuth for API access

[Yyuzu]

It could harden a bit the project using BasicAuth for api.php access, thus denying automatically attempts to hack the server without proper authentication.

I don't know if it's a portable idea or not, since I'm not sure nginx allows BasicAuth configuration in a file like .htaccess.

[J-8]

That is actually something we could use because it would be better for the rest api. This could also implement the read-only idea of #59.