hubot-restrict-ip

    1.0.0 • Public • Published

    Hubot Restrict IP Plugin

    Version Downloads Build Status Dependency Status Coverage Status NPM

    This plugin is an Express middleware that will permit to filter who has access to the http endpoints of your hubot bot.

    Installation

    In your hubot directory:

    npm install hubot-restrict-ip --save
    

    Then add hubot-restrict-ip to external-scripts.json

    Configuration

    • HTTP_RESTRICTED if set, protects all express endpoints by default, only the open_endpoints are reachable by everybody, and the ip_whitelist
    • HTTP_LOG_RESTRICTED if set, hubot will log (warning level) the unauthorized calls
    • HTTP_IP_WHITELIST only useful when HTTP_RESTRICTED is set
    • HTTP_IP_BLACKLIST overwrite the whitelist if HTTP_RESTRICTED is set, and blocks ips listed anyways if not
    • HTTP_OPEN_ENDPOINTS over-rules any other configuration to keep those endpoints open
    • HTTP_CLOSED_ENDPOINTS if HTTP_RESTRICTED is set and HTTP_OPEN_ENDPOINTS are contradicted by HTTP_CLOSED_ENDPOINTS, the closed one wins.
    • HTTP_UNAUTHORIZED_MESSAGE the message provided with the 401 status triggered when access is restricted by any rule.

    With

    • The IP lists are separated by , commas, and use CIDR for range definition like 192.168.0.0/24. IP can also be IPv6 ranges.
    • the endpoints are a list of endpoints, separated by commas too, like /hubot/help but it can also be a regexp like /.*/help

    Testing

    npm install
    
    # will run make test and coffeelint
    npm test 
    
    # or
    make test
    
    # or, for watch-mode
    make test-w
    
    # or for more documentation-style output
    make test-spec
    
    # and to generate coverage
    make test-cov
    
    # and to run the lint
    make lint
    
    # run the lint and the coverage
    make
    

    Changelog

    All changes are listed in the CHANGELOG

    Contribute

    Feel free to open a PR if you find any bug, typo, want to improve documentation, or think about a new feature.

    Gandi loves Free and Open Source Software. This project is used internally at Gandi but external contributions are very welcome.

    Authors

    • @mose - author and maintainer

    License

    This source code is available under MIT license.

    Copyright

    Copyright (c) 2016 - Gandi - https://gandi.net

    Install

    npm i hubot-restrict-ip

    DownloadsWeekly Downloads

    1

    Version

    1.0.0

    License

    MIT

    Last publish

    Collaborators

    • kolo
    • mose