At present time, the !add and !remove commands are available to any user in the channel where the bot is running. This could allow undesired feeds to be added or the ones that were originally configured to be removed against the will of the owner of the bot.
Therefore, we should add an authentication command to provide a way to perform these operations to only authorized people.
This could be implemented in various ways:
Authorize once using a password and then run as many !add or !remove commands as desired by the authorized nicknames.
Authorize each command using a password except for !list. Return a one-time private token to the authenticating user that should be used to run the command, the expire the token after fixed amount of time.
Use a white list of authorized nicknames and optionally a password too. The bot should verify that the nickname is authenticated with nickserv and in the whitelist before allowing executing the triggered commands.
Any others implementations are welcomed. Please, comment below.
At present time, the !add and !remove commands are available to any user in the channel where the bot is running. This could allow undesired feeds to be added or the ones that were originally configured to be removed against the will of the owner of the bot. Therefore, we should add an authentication command to provide a way to perform these operations to only authorized people. This could be implemented in various ways: