From: Rubén Beltrán del Río Date: Sun, 19 Feb 2017 07:59:26 +0000 (-0600) Subject: Check the Account SID (#3) X-Git-Url: https://git.r.bdr.sh/rbdr/dead-drop/commitdiff_plain/e5fdb2d460feed6beda8cac764b15f173b67159d?hp=7404eac982a0d928866aeddaa1a0ea4d1f2d3870 Check the Account SID (#3) * Add twilio config to readme * Modify wording of main menu. * Modify wording of recording message * Add account sid setting to readme * Add the twilio account sid to config * Add check for accountSid * Update paw to send AccountSid --- diff --git a/README.md b/README.md index 7690f61..39d2086 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,9 @@ the file in `config/env.dist` to `.env` in the project root and override the values. When running with `make run`, it'll pick up these values automatically. -If you're doing it the hard way, you'll have to source them. +If you're doing it the hard way, you'll have to source them. You must +set the `DEAD_DROP_ACCOUNT_SID` to match your account sid. This is so +dead drop can filter out calls from other accounts. ## Running Locally @@ -41,7 +43,14 @@ You can also do some other operations ## Setting up Twilio -TBD +Get a twilio number, and on the configuration set the voice settings to +"Webhooks/TwiML" and point the `A call comes in` hook to: +the `/menus/main/` path of your dead drop installation. For example: +`https://dead-drop.unlimited.piza/menus/main`. It must be accessible +from the internet. + +You will also need your account sid. This is obtained from the "[Account +Settings][account-settings]" area in the twilio dashboard. ## Checking the code @@ -51,3 +60,4 @@ javascript style, and includes eslint configuration to check them. Run [docker]: https://www.docker.com/ [hapi-style-guide]: https://hapijs.com/styleguide +[account-settings]: https://www.twilio.com/console/account/settings diff --git a/config/config.js b/config/config.js index 16e9a9f..b1a1fac 100644 --- a/config/config.js +++ b/config/config.js @@ -12,11 +12,13 @@ const internals = {}; * @memberof DeadDrop * @typedef {object} tConfiguration * @property {number} [port=1988] the port where the app will listen on + * @property {string} twilioAccountSid the twilio account sid used to authorize calls * @property {DeadDrop.tRedisConfiguration} redis the configuration to * connect to the redis server */ module.exports = internals.Config = { port: Getenv.int('DEAD_DROP_PORT', 1988), + twilioAccountSid: Getenv('DEAD_DROP_TWILIO_ACCOUNT_SID'), /** * Information required to connect to the redis server diff --git a/config/env.dist b/config/env.dist index 11f79f1..5686169 100644 --- a/config/env.dist +++ b/config/env.dist @@ -1 +1,2 @@ DEAD_DROP_REDIS_HOST=location_of_redis_server +DEAD_DROP_TWILIO_ACCOUNT_SID=your_twilio_account_sid diff --git a/etc/dead_drop.paw b/etc/dead_drop.paw index 4627b2d..3aeaca6 100644 Binary files a/etc/dead_drop.paw and b/etc/dead_drop.paw differ diff --git a/lib/controllers/main_menu.js b/lib/controllers/main_menu.js index 461cff8..06e172b 100644 --- a/lib/controllers/main_menu.js +++ b/lib/controllers/main_menu.js @@ -13,9 +13,9 @@ internals.kMainMenuRoute = '/menus/main'; internals.kRecordingMenuRoute = '/menus/recording'; internals.kRandomMessageRoute = '/recordings/0'; internals.kLeaveMessageRoute = '/recordings'; -internals.kMenuMessage = 'Para dejar un mensaje, presiona 1. ' + - 'Para escuchar un mensaje al azar, presiona 2. ' + - 'Para escuchar un mensaje específico, presioan 3.'; // the message that will be shown +internals.kMenuMessage = 'Marca 1 para grabar mensaje. ' + + 'Marca 2 para escuchar mensaje al azar. ' + + 'Marca 3 si conoces el número de mensaje'; // the message that will be shown internals.kMenuInvalidResponseMessage = 'No entendí... Volviendo al menu principal.'; // invalid selection message internals.kMenuOptions = { leaveMessage: 1, diff --git a/lib/controllers/recordings.js b/lib/controllers/recordings.js index 591dbd5..c7a7584 100644 --- a/lib/controllers/recordings.js +++ b/lib/controllers/recordings.js @@ -10,10 +10,9 @@ const internals = {}; internals.kContentType = 'application/xml'; // The content type used to respond internals.kLanguage = 'es-mx'; // the language to use internals.kMaxMessageLength = 30; // max message length in seconds -internals.kIdDateFormat = 'YYMMDDHHmmssSSS'; // derive ids from current date. 15 digits. internals.kRecordingsSet = 'recordings'; -internals.kRecordMessage = 'Graba tu mensaje despues del bip. ' + - 'Presiona cualquier tecla para finalizar tu mensaje. '; // the recording message +internals.kRecordMessage = 'Graba tu mensaje despues del bip y ' + + 'presiona cualquier tecla para finalizar. '; // the recording message internals.kConfirmationMessage = 'Gracias. Tu mensaje es el número: '; internals.kNotFoundMessage = 'Mensaje no encontrado. Adiós!'; diff --git a/lib/dead_drop.js b/lib/dead_drop.js index 6f97645..3336444 100644 --- a/lib/dead_drop.js +++ b/lib/dead_drop.js @@ -45,10 +45,24 @@ module.exports = internals.DeadDrop = class DeadDrop { _initializeServer() { + const self = this; + this._app = Koa(); this._app.use(KoaBodyParser()); + this._app.use(function * (next) { + + const accountSid = this.request.body.AccountSid || this.request.query.AccountSid; + + if (accountSid === self.twilioAccountSid) { + yield next; + } + else { + this.throw('Unauthorized', 401); + } + }); + this._initializeMainMenuRoutes(); this._initializeRecordingMenuRoutes(); this._initializeRecordingsRoutes();