X-Git-Url: https://git.r.bdr.sh/rbdr/dead-drop/blobdiff_plain/7404eac982a0d928866aeddaa1a0ea4d1f2d3870..b0b2aee1145b50a58c22d39627df717d45c6338f:/lib/dead_drop.js

diff --git a/lib/dead_drop.js b/lib/dead_drop.js
index 6f97645..3336444 100644
--- a/lib/dead_drop.js
+++ b/lib/dead_drop.js
@@ -45,10 +45,24 @@ module.exports = internals.DeadDrop = class DeadDrop {
 
   _initializeServer() {
 
+    const self = this;
+
     this._app = Koa();
 
     this._app.use(KoaBodyParser());
 
+    this._app.use(function * (next) {
+
+      const accountSid = this.request.body.AccountSid || this.request.query.AccountSid;
+
+      if (accountSid === self.twilioAccountSid) {
+        yield next;
+      }
+      else {
+        this.throw('Unauthorized', 401);
+      }
+    });
+
     this._initializeMainMenuRoutes();
     this._initializeRecordingMenuRoutes();
     this._initializeRecordingsRoutes();