]>
Commit | Line | Data |
---|---|---|
1 | ;(function () { | |
2 | 'use strict' | |
3 | ||
4 | var ursa = require('ursa') | |
5 | var fs = require('fs') | |
6 | ||
7 | var logger = require('../src/logger') | |
8 | var utils = require('../src/utils') | |
9 | var PodsDB = require('../src/database').PodsDB | |
10 | ||
11 | var misc = {} | |
12 | ||
13 | misc.cache = function (cache) { | |
14 | return function (req, res, next) { | |
15 | // If we want explicitly a cache | |
16 | // Or if we don't specify if we want a cache or no and we are in production | |
17 | if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { | |
18 | res.setHeader('Cache-Control', 'public') | |
19 | } else { | |
20 | res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') | |
21 | } | |
22 | ||
23 | next() | |
24 | } | |
25 | } | |
26 | ||
27 | misc.decryptBody = function (req, res, next) { | |
28 | PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) { | |
29 | if (err) { | |
30 | logger.error('Cannot get signed url in decryptBody.', { error: err }) | |
31 | res.sendStatus(500) | |
32 | } | |
33 | ||
34 | logger.debug('Decrypting body from %s.', req.body.signature.url) | |
35 | ||
36 | var crt = ursa.createPublicKey(pod.publicKey) | |
37 | var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') | |
38 | ||
39 | if (signature_ok === true) { | |
40 | var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem')) | |
41 | var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') | |
42 | req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) | |
43 | delete req.body.key | |
44 | } else { | |
45 | logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) | |
46 | res.sendStatus(500) | |
47 | } | |
48 | ||
49 | next() | |
50 | }) | |
51 | } | |
52 | ||
53 | module.exports = misc | |
54 | })() |