This plugin is an Express middleware that will permit to filter who has access to the http endpoints of your hubot bot.
In your hubot directory:
npm install hubot-restrict-ip --save
HTTP_RESTRICTEDif set, protects all express endpoints by default, only the open_endpoints are reachable by everybody, and the ip_whitelist
HTTP_LOG_RESTRICTEDif set, hubot will log (warning level) the unauthorized calls
HTTP_IP_WHITELISTonly useful when
HTTP_IP_BLACKLISToverwrite the whitelist if
HTTP_RESTRICTEDis set, and blocks ips listed anyways if not
HTTP_OPEN_ENDPOINTSover-rules any other configuration to keep those endpoints open
HTTP_RESTRICTEDis set and
HTTP_OPEN_ENDPOINTSare contradicted by
HTTP_CLOSED_ENDPOINTS, the closed one wins.
HTTP_UNAUTHORIZED_MESSAGEthe message provided with the
401status triggered when access is restricted by any rule.
,commas, and use CIDR for range definition like
192.168.0.0/24. IP can also be IPv6 ranges.
/hubot/helpbut it can also be a regexp like
npm install # will run make test and coffeelint npm test # or make test # or, for watch-mode make test-w # or for more documentation-style output make test-spec # and to generate coverage make test-cov # and to run the lint make lint # run the lint and the coverage make
All changes are listed in the CHANGELOG
Feel free to open a PR if you find any bug, typo, want to improve documentation, or think about a new feature.
Gandi loves Free and Open Source Software. This project is used internally at Gandi but external contributions are very welcome.
This source code is available under MIT license.
Copyright (c) 2016 - Gandi - https://gandi.net