Ptarmigan before 0.2.3 lacks API token validation, e.g., an «if (token === apiToken) {return true;} return false;» code block.
