| | 1 | 'use strict' |
| | 2 | |
| | 3 | const db = require('../initializers/database') |
| | 4 | const logger = require('../helpers/logger') |
| | 5 | const peertubeCrypto = require('../helpers/peertube-crypto') |
| | 6 | |
| | 7 | const secureMiddleware = { |
| | 8 | checkSignature |
| | 9 | } |
| | 10 | |
| | 11 | function checkSignature (req, res, next) { |
| | 12 | const host = req.body.signature.host |
| | 13 | db.Pod.loadByHost(host, function (err, pod) { |
| | 14 | if (err) { |
| | 15 | logger.error('Cannot get signed host in body.', { error: err }) |
| | 16 | return res.sendStatus(500) |
| | 17 | } |
| | 18 | |
| | 19 | if (pod === null) { |
| | 20 | logger.error('Unknown pod %s.', host) |
| | 21 | return res.sendStatus(403) |
| | 22 | } |
| | 23 | |
| | 24 | logger.debug('Checking signature from %s.', host) |
| | 25 | |
| | 26 | const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature) |
| | 27 | |
| | 28 | if (signatureOk === true) { |
| | 29 | res.locals.secure = { |
| | 30 | pod |
| | 31 | } |
| | 32 | |
| | 33 | return next() |
| | 34 | } |
| | 35 | |
| | 36 | logger.error('Signature is not okay in body for %s.', req.body.signature.host) |
| | 37 | return res.sendStatus(403) |
| | 38 | }) |
| | 39 | } |
| | 40 | |
| | 41 | // --------------------------------------------------------------------------- |
| | 42 | |
| | 43 | module.exports = secureMiddleware |
projects / github / Chocobozzz / PeerTube.git / blame_incremental