port tootsuite#11292 to monsterfork: Add whitelist mode

author: Eugen Rochko <eugen@zeonfederated.com> 2019-07-30 11:10:46 +0200
committer: multiple creatures <dev@multiple-creature.party> 2020-02-21 01:02:20 -0600
commit: b4d97bc26baff0a9867f1e510a7630dd34b8049d (patch)
tree: 4637f1ead39e9e0748066445f94798b0d5f38fd4 /streaming
parent: 08f6b74097aacb2cf1c3894d4a58c0b2272a9fa5 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/streaming/index.js b/streaming/index.js
index 7d6bafa3f..ac4ec3cd7 100644
--- a/streaming/index.js
+++ b/streaming/index.js
@@ -12,6 +12,7 @@ const uuid = require('uuid');
 const fs = require('fs');
 
 const env = process.env.NODE_ENV || 'development';
+const alwaysRequireAuth = process.env.WHITELIST_MODE === 'true' || process.env.AUTHORIZED_FETCH === 'true';
 
 dotenv.config({
   path: env === 'production' ? '.env.production' : '.env',
@@ -275,7 +276,7 @@ const startWorker = (workerId) => {
 
   const wsVerifyClient = (info, cb) => {
     const location = url.parse(info.req.url, true);
-    const authRequired = !PUBLIC_STREAMS.some(stream => stream === location.query.stream);
+    const authRequired = alwaysRequireAuth || !PUBLIC_STREAMS.some(stream => stream === location.query.stream);
     const allowedScopes = [];
 
     if (authRequired) {
@@ -308,7 +309,7 @@ const startWorker = (workerId) => {
       return;
     }
 
-    const authRequired = !PUBLIC_ENDPOINTS.some(endpoint => endpoint === req.path);
+    const authRequired = alwaysRequireAuth || !PUBLIC_ENDPOINTS.some(endpoint => endpoint === req.path);
     const allowedScopes = [];
 
     if (authRequired) {
author	Eugen Rochko <eugen@zeonfederated.com>	2019-07-30 11:10:46 +0200
committer	multiple creatures <dev@multiple-creature.party>	2020-02-21 01:02:20 -0600
commit	b4d97bc26baff0a9867f1e510a7630dd34b8049d (patch)
tree	4637f1ead39e9e0748066445f94798b0d5f38fd4 /streaming
parent	08f6b74097aacb2cf1c3894d4a58c0b2272a9fa5 (diff)