Merge pull request #4 from restreamio/api-auth-through-env-API_AUTH_TOKEN

feat: use env var API_AUTH_TOKEN instead of user pass for HTTP api auth

Author: rshmelev

src/controller/controller_api.cpp

@@ -134,10 +134,15 @@ bool Controller::authorize(JSON::Value &Request, JSON::Value &Response, Socket::
   if (Request.isMember("authorize") && Request["authorize"]["username"].asString() != ""){
     std::string UserID = Request["authorize"]["username"];
     if (Storage["account"].isMember(UserID)){
-      if (Secure::md5(Storage["account"][UserID]["password"].asString() + Challenge) ==
-          Request["authorize"]["password"].asString()){
-        Response["authorize"]["status"] = "OK";
-        return true;
+      char* pass = getenv("API_AUTH_TOKEN");
+      if (pass) {
+        std::string passStr = pass;
+        if (Secure::md5(passStr) ==
+            Secure::md5(Request["authorize"]["password"].asString())){
+
+          Response["authorize"]["status"] = "OK";
+          return true;
+        }
       }
     }
     if (Request["authorize"]["password"].asString() != ""){