Merge pull request #19 from kallisti5/master

http/generic: Implement basic http auth via token

README.md

@@ -54,8 +54,18 @@ of netcat, with `-d @-` to read POST data from stdin, like so:
 
     echo "Hello world" | curl -d @- http://irccat-host/send
 
-Everything that works via netcat also works by POST to `/send`. Note that this endpoint
-is unauthenticated.
+### Generic HTTP Endpoint with authentication
+
+```json
+"generic": {
+    "secret": "my_secret"
+}
+```
+
+Adding an optional secret allows you to require a single secret token before sending
+messages to the specified channels. (Using HTTPS is recommended to ensure key security)
+
+    echo "Hello world" | curl -H "Authorization: Bearer my_secret" -d @- http://irccat-host/send
 
 ### Grafana Webhook
 ```json

httplistener/generic.go

@@ -2,7 +2,9 @@ package httplistener
 
 import (
 	"bytes"
+	"fmt"
 	"github.com/irccloud/irccat/dispatcher"
+	"github.com/spf13/viper"
 	"net/http"
 )
 
@@ -17,6 +19,18 @@ func (hl *HTTPListener) genericHandler(w http.ResponseWriter, request *http.Requ
 		return
 	}
 
+	// Optional simple auth via token
+	secret := viper.GetString("http.listeners.generic.secret")
+	if secret != "" {
+		auth := request.Header.Get("Authorization")
+		expecting := fmt.Sprintf("Bearer %s", secret)
+		if auth != expecting {
+			http.Error(w, "Invalid Authorization", http.StatusUnauthorized)
+			log.Warningf("%s - Invalid Authorization!", request.RemoteAddr)
+			return
+		}
+	}
+
 	body := new(bytes.Buffer)
 	body.ReadFrom(request.Body)
 	message := body.String()

httplistener/httplistener.go

@@ -25,7 +25,7 @@ func New(irc *irc.Connection) (*HTTPListener, error) {
 
 	mux := http.NewServeMux()
 
-	if viper.GetBool("http.listeners.generic") {
+	if viper.IsSet("http.listeners.generic") {
 		log.Infof("Listening for HTTP POST requests at /send")
 		mux.HandleFunc("/send", hl.genericHandler)
 	}