]>
Commit | Line | Data |
---|---|---|
1 | 'use strict' | |
2 | ||
3 | const db = require('../initializers/database') | |
4 | const logger = require('../helpers/logger') | |
5 | const peertubeCrypto = require('../helpers/peertube-crypto') | |
6 | ||
7 | const secureMiddleware = { | |
8 | checkSignature | |
9 | } | |
10 | ||
11 | function checkSignature (req, res, next) { | |
12 | const host = req.body.signature.host | |
13 | db.Pod.loadByHost(host, function (err, pod) { | |
14 | if (err) { | |
15 | logger.error('Cannot get signed host in body.', { error: err }) | |
16 | return res.sendStatus(500) | |
17 | } | |
18 | ||
19 | if (pod === null) { | |
20 | logger.error('Unknown pod %s.', host) | |
21 | return res.sendStatus(403) | |
22 | } | |
23 | ||
24 | logger.debug('Checking signature from %s.', host) | |
25 | ||
26 | const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature) | |
27 | ||
28 | if (signatureOk === true) { | |
29 | res.locals.secure = { | |
30 | pod | |
31 | } | |
32 | ||
33 | return next() | |
34 | } | |
35 | ||
36 | logger.error('Signature is not okay in body for %s.', req.body.signature.host) | |
37 | return res.sendStatus(403) | |
38 | }) | |
39 | } | |
40 | ||
41 | // --------------------------------------------------------------------------- | |
42 | ||
43 | module.exports = secureMiddleware |