]>
Commit | Line | Data |
---|---|---|
69818c93 C |
1 | import 'express-validator' |
2 | import * as express from 'express' | |
3 | ||
e02643f3 C |
4 | import { database as db } from '../initializers' |
5 | import { | |
6 | logger, | |
7 | checkSignature as peertubeCryptoCheckSignature | |
8 | } from '../helpers' | |
4771e000 | 9 | import { PodSignature } from '../../shared' |
a3ee6fa2 | 10 | |
69818c93 | 11 | function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) { |
4771e000 C |
12 | const signatureObject: PodSignature = req.body.signature |
13 | const host = signatureObject.host | |
14 | ||
6fcd19ba C |
15 | db.Pod.loadByHost(host) |
16 | .then(pod => { | |
17 | if (pod === null) { | |
18 | logger.error('Unknown pod %s.', host) | |
19 | return res.sendStatus(403) | |
20 | } | |
9f10b292 | 21 | |
6fcd19ba | 22 | logger.debug('Checking signature from %s.', host) |
9f10b292 | 23 | |
6fcd19ba C |
24 | let signatureShouldBe |
25 | // If there is data in the body the sender used it for its signature | |
26 | // If there is no data we just use its host as signature | |
27 | if (req.body.data) { | |
28 | signatureShouldBe = req.body.data | |
29 | } else { | |
30 | signatureShouldBe = host | |
31 | } | |
9f10b292 | 32 | |
4771e000 | 33 | const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, signatureObject.signature) |
bdfbd4f1 | 34 | |
6fcd19ba C |
35 | if (signatureOk === true) { |
36 | res.locals.secure = { | |
37 | pod | |
38 | } | |
9f10b292 | 39 | |
6fcd19ba | 40 | return next() |
4ff0d862 C |
41 | } |
42 | ||
4771e000 | 43 | logger.error('Signature is not okay in body for %s.', signatureObject.host) |
6fcd19ba C |
44 | return res.sendStatus(403) |
45 | }) | |
46 | .catch(err => { | |
4771e000 | 47 | logger.error('Cannot get signed host in body.', { error: err.stack, signature: signatureObject.signature }) |
6fcd19ba C |
48 | return res.sendStatus(500) |
49 | }) | |
0eb78d53 C |
50 | } |
51 | ||
9f10b292 C |
52 | // --------------------------------------------------------------------------- |
53 | ||
65fcc311 C |
54 | export { |
55 | checkSignature | |
56 | } |