From 8ecb67deacd49295e676505d44c0f37835c2c8f5 Mon Sep 17 00:00:00 2001
From: "Glitch (hello-express)" <none>
Date: Sun, 3 Nov 2019 15:12:01 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=8D=B0=F0=9F=8F=80=20Checkpoint=20./serve?=
 =?UTF-8?q?r.js:933874/4194?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server.js | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/server.js b/server.js
index 85af8b2..1f7ccd4 100644
--- a/server.js
+++ b/server.js
@@ -24,9 +24,9 @@ app.get("/", (req, res) => {
 // http://expressjs.com/en/starter/basic-routing.html
 app.get("/img", (req, res) => {
   if (fuzIsOpen && new Date() - 2 * 60 * 1000 < lastSeen) {
-    return res.sendFile(__dirname + "/views/open.svg");
+    return res.sendFile(__dirname + "/views/open.svg"); // https://www.flaticon.com/free-icon/open_1234189
   }
-  res.sendFile(__dirname + "/views/closed.svg");
+  res.sendFile(__dirname + "/views/closed.svg"); // https://www.flaticon.com/free-icon/closed_1234190
 });
 app.get("/api", (req, res) => {
   res.header("Access-Control-Allow-Origin", "*");
@@ -34,12 +34,17 @@ app.get("/api", (req, res) => {
     "Access-Control-Allow-Headers",
     "Origin, X-Requested-With, Content-Type, Accept"
   );
-  res.send({    fuzIsOpen,    lastSeen
-  });
+  res.send({ fuzIsOpen, lastSeen });
 });
 
 // http://expressjs.com/en/starter/basic-routing.html
 app.get("/status", (req, res) => {
+  const auth = {login: process.env.MATRIXUSERNAME, password: process.env.MATRIXPASSWORD}; // change this
+
+  // parse login and password from headers
+  const b64auth = (req.headers.authorization || '').split(' ')[1] || '';
+  const [login, password] = new Buffer(b64auth, 'base64').toString().split(':');
+  
   if (req.query.password !== process.env.PASSWORD) {
     return res.sendStatus(401);
   }