projects / github / Chocobozzz / PeerTube.git / blame
| Commit | Line | Data |
|---|---|---|
| e02643f3 C |
1 | import { database as db } from '../initializers' |
| 2 | import { | |
| 3 | logger, | |
| 4 | checkSignature as peertubeCryptoCheckSignature | |
| 5 | } from '../helpers' | |
| a3ee6fa2 | 6 | |
| 0eb78d53 | 7 | function checkSignature (req, res, next) { |
| 49abbbbe | 8 | const host = req.body.signature.host |
| feb4bdfd | 9 | db.Pod.loadByHost(host, function (err, pod) { |
| 9f10b292 | 10 | if (err) { |
| 38d78e5b | 11 | logger.error('Cannot get signed host in body.', { error: err }) |
| 9f10b292 C |
12 | return res.sendStatus(500) |
| 13 | } | |
| 14 | ||
| 15 | if (pod === null) { | |
| 49abbbbe | 16 | logger.error('Unknown pod %s.', host) |
| 9f10b292 C |
17 | return res.sendStatus(403) |
| 18 | } | |
| 19 | ||
| 38d78e5b | 20 | logger.debug('Checking signature from %s.', host) |
| 9f10b292 | 21 | |
| bdfbd4f1 | 22 | let signatureShouldBe |
| 5a976a8c C |
23 | // If there is data in the body the sender used it for its signature |
| 24 | // If there is no data we just use its host as signature | |
| bdfbd4f1 C |
25 | if (req.body.data) { |
| 26 | signatureShouldBe = req.body.data | |
| 27 | } else { | |
| 28 | signatureShouldBe = host | |
| 29 | } | |
| 30 | ||
| e02643f3 | 31 | const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature) |
| 9f10b292 | 32 | |
| bc503c2a | 33 | if (signatureOk === true) { |
| 4ff0d862 C |
34 | res.locals.secure = { |
| 35 | pod | |
| 36 | } | |
| 37 | ||
| 0eb78d53 C |
38 | return next() |
| 39 | } | |
| 40 | ||
| 38d78e5b | 41 | logger.error('Signature is not okay in body for %s.', req.body.signature.host) |
| 0eb78d53 C |
42 | return res.sendStatus(403) |
| 43 | }) | |
| 44 | } | |
| 45 | ||
| 9f10b292 C |
46 | // --------------------------------------------------------------------------- |
| 47 | ||
| 65fcc311 C |
48 | export { |
| 49 | checkSignature | |
| 50 | } |