I noticed that the s2Member fails to protect REST API routes when it should like, for instance, member only websites.
s2Member alternative views is not protecting REST API
That’s pretty much inevitable because the REST API is relatively new, and so s2Member wasn’t designed for that. But there are other plugins that can protect REST API routes. I use REST API Toolbox.
OK. Hopefully it will be integrated in the future?
To be honest, I doubt it.
But why would that be a good thing anyway? It makes no difference if the relevant code is in one plugin or two … except that if it’s in two, it’s much more likely that each is developed by specialists who know what they are doing rather than by one person or team who’s trying to work outside his/her/their field of expertise.