At the moment, users can only export widgets if they have made their statistics publicly available. Often, people would be happy to share their number of visits (and show the evolution graph over the last 30 days for example), but they don't want to share other data (keywords, referers, etc.).
At the moment widgets are shown only if stats are avaialble for the anonymous user, or if the user passes its token_auth to the widget. This is a problem as currently token_auth is like having the login + password.
What we really need is a different token_auth for each widget. This could be as simple as md5(login . password . widgetName ).
