Add configuration option for private hubs
Closed this issue · 2 comments
I want to set up a private hub that only accepts topics on an allow-list of origins.
I was thinking of just adding it about here. Simply read the ALLOWED_TOPIC_ORIGINS list option as a comma separated array (if configured), and compare the beginning of the topic string with each allowed origin. Abort and return error message "this subscription topic is not allowed on this hub (private hub)".
I guess other’s could find a block-list useful too, but I’m mostly interested in an allow-list.
Hi @da2x 👋 thanks for your help on the other tickets! I'll try to have a look at your suggestion this week. I didn't thought to use environment variables for allowed/blocked lists, but it's definitely easier to implement than in database. It should not be too complicated.
Hi @da2x, it's finally done. I did it quite differently compared to your suggestion. Instead of directly refusing the subscription, I added a step of validation between the first request and the verification, as described in the spec. It looked more logical to me :) The allowed list should be defined in the .env file, as documented here: https://github.com/flusio/Webubbub/blob/main/env.sample#L18-L21