projects / github / Chocobozzz / PeerTube.git / blame
| Commit | Line | Data |
|---|---|---|
| 9f10b292 C |
1 | 'use strict' |
| 2 | ||
| f0f5567b | 3 | const logger = require('../helpers/logger') |
| a3ee6fa2 | 4 | const mongoose = require('mongoose') |
| 5f698b82 | 5 | const peertubeCrypto = require('../helpers/peertube-crypto') |
| a3ee6fa2 C |
6 | |
| 7 | const Pod = mongoose.model('Pod') | |
| 9f10b292 | 8 | |
| f0f5567b | 9 | const secureMiddleware = { |
| 38d78e5b | 10 | checkSignature |
| 9f10b292 C |
11 | } |
| 12 | ||
| 0eb78d53 | 13 | function checkSignature (req, res, next) { |
| 49abbbbe C |
14 | const host = req.body.signature.host |
| 15 | Pod.loadByHost(host, function (err, pod) { | |
| 9f10b292 | 16 | if (err) { |
| 38d78e5b | 17 | logger.error('Cannot get signed host in body.', { error: err }) |
| 9f10b292 C |
18 | return res.sendStatus(500) |
| 19 | } | |
| 20 | ||
| 21 | if (pod === null) { | |
| 49abbbbe | 22 | logger.error('Unknown pod %s.', host) |
| 9f10b292 C |
23 | return res.sendStatus(403) |
| 24 | } | |
| 25 | ||
| 38d78e5b | 26 | logger.debug('Checking signature from %s.', host) |
| 9f10b292 | 27 | |
| 49abbbbe | 28 | const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature) |
| 9f10b292 | 29 | |
| bc503c2a | 30 | if (signatureOk === true) { |
| 0eb78d53 C |
31 | return next() |
| 32 | } | |
| 33 | ||
| 38d78e5b | 34 | logger.error('Signature is not okay in body for %s.', req.body.signature.host) |
| 0eb78d53 C |
35 | return res.sendStatus(403) |
| 36 | }) | |
| 37 | } | |
| 38 | ||
| 9f10b292 C |
39 | // --------------------------------------------------------------------------- |
| 40 | ||
| 41 | module.exports = secureMiddleware |