[github/Chocobozzz/PeerTube.git] / server / middlewares / secure.js

'use strict'

const db = require('../initializers/database')
const logger = require('../helpers/logger')
const peertubeCrypto = require('../helpers/peertube-crypto')

const secureMiddleware = {
  checkSignature
}

function checkSignature (req, res, next) {
  const host = req.body.signature.host
  db.Pod.loadByHost(host, function (err, pod) {
    if (err) {
      logger.error('Cannot get signed host in body.', { error: err })
      return res.sendStatus(500)
    }

    if (pod === null) {
      logger.error('Unknown pod %s.', host)
      return res.sendStatus(403)
    }

    logger.debug('Checking signature from %s.', host)

    let signatureShouldBe
    // If there is data in the body the sender used it for its signature
    // If there is no data we just use its host as signature
    if (req.body.data) {
      signatureShouldBe = req.body.data
    } else {
      signatureShouldBe = host
    }

    const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature)

    if (signatureOk === true) {
      res.locals.secure = {
        pod
      }

      return next()
    }

    logger.error('Signature is not okay in body for %s.', req.body.signature.host)
    return res.sendStatus(403)
  })
}

// ---------------------------------------------------------------------------

module.exports = secureMiddleware
Commit	Line	Data
9f10b292 C	1	'use strict'
9f10b292 C	2
feb4bdfd	3	const db = require('../initializers/database')
f0f5567b	4	const logger = require('../helpers/logger')
5f698b82	5	const peertubeCrypto = require('../helpers/peertube-crypto')
a3ee6fa2	6
f0f5567b	7	const secureMiddleware = {
38d78e5b	8	checkSignature
9f10b292 C	9	}
9f10b292 C	10
0eb78d53	11	function checkSignature (req, res, next) {
49abbbbe	12	const host = req.body.signature.host
feb4bdfd	13	db.Pod.loadByHost(host, function (err, pod) {
9f10b292	14	if (err) {
38d78e5b	15	logger.error('Cannot get signed host in body.', { error: err })
9f10b292 C	16	return res.sendStatus(500)
	17	}
	18
	19	if (pod === null) {
49abbbbe	20	logger.error('Unknown pod %s.', host)
9f10b292 C	21	return res.sendStatus(403)
	22	}
	23
38d78e5b	24	logger.debug('Checking signature from %s.', host)
9f10b292	25
bdfbd4f1	26	let signatureShouldBe
5a976a8c C	27	// If there is data in the body the sender used it for its signature
5a976a8c C	28	// If there is no data we just use its host as signature
bdfbd4f1 C	29	if (req.body.data) {
	30	signatureShouldBe = req.body.data
	31	} else {
	32	signatureShouldBe = host
	33	}
	34
	35	const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature)
9f10b292	36
bc503c2a	37	if (signatureOk === true) {
4ff0d862 C	38	res.locals.secure = {
	39	pod
	40	}
	41
0eb78d53 C	42	return next()
	43	}
	44
38d78e5b	45	logger.error('Signature is not okay in body for %s.', req.body.signature.host)
0eb78d53 C	46	return res.sendStatus(403)
	47	})
	48	}
	49
9f10b292 C	50	// ---------------------------------------------------------------------------
	51
	52	module.exports = secureMiddleware