While it is possible to implement a posting system on the web app, because it would have to handle the user tokens I have some doubts on safety/security. Obviously they would be stored locally, though I feel the exchange of the user’s handle and password for them should be done at least manually by the user in a client made for those requests. If I do go forward with implementing that, it should alleviate most of the api limitations for users with an account.