1 | import 'express-validator' | |
2 | import * as express from 'express' | |
3 | ||
4 | import { database as db } from '../initializers' | |
5 | import { | |
6 | logger, | |
7 | checkSignature as peertubeCryptoCheckSignature | |
8 | } from '../helpers' | |
9 | ||
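/**
 * Express middleware that authenticates a request sent by another pod.
 *
 * The body must carry `signature.host` and `signature.signature`. The pod is
 * loaded by host and the signature is verified with that pod's stored public
 * key, against `req.body.data` when it is truthy and against the host string
 * otherwise.
 *
 * On success the pod is exposed as `res.locals.secure.pod` and `next()` runs.
 * Responds 403 when the signature block is missing or malformed, when the pod
 * is unknown, or when the signature does not verify. Responds 500 when the
 * lookup rejects or the verification throws.
 *
 * NOTE(review): nothing in this function ties the signed payload to a
 * timestamp, a nonce or the request path. When there is no `data`, the signed
 * message is only the host, which is the same for every such request from a
 * pod. Confirm that replay of a captured body is handled elsewhere.
 */
function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) {
  // The body is untrusted input. Reject anything that is not the expected
  // shape before it reaches the database lookup or the crypto helper, instead
  // of letting a missing `signature` throw a TypeError out of the middleware.
  const signature = req.body ? req.body.signature : undefined
  if (!signature || typeof signature.host !== 'string' || typeof signature.signature !== 'string') {
    logger.error('Missing or malformed signature in body.')
    res.sendStatus(403)
    return
  }

  const host: string = signature.host
  const signatureValue: string = signature.signature

  db.Pod.loadByHost(host)
    .then(pod => {
      if (pod === null) {
        logger.error('Unknown pod %s.', host)
        return res.sendStatus(403)
      }

      logger.debug('Checking signature from %s.', host)

      // If there is data in the body the sender used it for its signature.
      // If there is no data (or it is falsy) the host itself is the signed message.
      const signatureShouldBe = req.body.data ? req.body.data : host

      const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, signatureValue)

      // Strict comparison: only an explicit `true` from the helper authenticates.
      if (signatureOk === true) {
        // Downstream handlers treat res.locals.secure.pod as the authenticated sender.
        res.locals.secure = {
          pod
        }

        return next()
      }

      logger.error('Signature is not okay in body for %s.', host)
      return res.sendStatus(403)
    })
    .catch(err => {
      logger.error('Cannot get signed host in body.', { error: err })
      return res.sendStatus(500)
    })
}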
48 | ||
49 | // --------------------------------------------------------------------------- | |
50 | ||
51 | export { | |
52 | checkSignature | |
53 | } |