Enhancement: support pihole v6 with api auth disabled (#3995)

docs/widgets/services/pihole.md

@@ -5,8 +5,6 @@ description: PiHole Widget Configuration
 
 Learn more about [PiHole](https://github.com/pi-hole/pi-hole).
 
-As of v2022.12 [PiHole requires the use of an API key](https://pi-hole.net/blog/2022/11/17/upcoming-changes-authentication-for-more-api-endpoints-required/#page-content) if an admin password is set. Older versions do not require any authentication even if the admin uses a password.
-
 Allowed fields: `["queries", "blocked", "blocked_percent", "gravity"]`.
 
 Note: by default the "blocked" and "blocked_percent" fields are merged e.g. "1,234 (15%)" but explicitly including the "blocked_percent" field will change them to display separately.
@@ -18,5 +16,3 @@ widget:
   version: 6 # required if running v6 or higher, defaults to 5
   key: yourpiholeapikey # optional
 ```
-
-_Added in v0.1.0, updated in v0.8.9_

src/widgets/pihole/proxy.js

@@ -57,23 +57,27 @@ export default async function piholeProxyHandler(req, res) {
   }
 
   // pihole v6
-  if (!cache.get(`${sessionSIDCacheKey}.${service}`)) {
+  if (!cache.get(`${sessionSIDCacheKey}.${service}`) && widget.key) {
     await login(widget, service);
   }
 
   const sid = cache.get(`${sessionSIDCacheKey}.${service}`);
-  if (!sid) {
+  if (widget.key && !sid) {
     return res.status(500).json({ error: "Failed to authenticate with Pi-hole" });
   }
 
   try {
     logger.debug("Calling Pi-hole API endpoint: %s", endpoint);
-
+    const headers = {
+      "Content-Type": "application/json",
+    };
+    if (sid) {
+      headers["X-FTL-SID"] = sid;
+    } else {
+      logger.debug("Pi-hole request is unauthenticated");
+    }
     [status, , data] = await httpProxy(formatApiCall(widgets[widget.type].api, { ...widget, endpoint }), {
-      headers: {
+      headers,
-        "Content-Type": "application/json",
-        "X-FTL-SID": sid,
-      },
     });
 
     if (status !== 200) {