middlewares/secure.js

   1 ;(function () {
   2   'use strict'
   3
   4   var logger = require('../helpers/logger')
   5   var peertubeCrypto = require('../helpers/peertubeCrypto')
   6   var Pods = require('../models/pods')
   7
   8   var secureMiddleware = {
   9     decryptBody: decryptBody
  10   }
  11
  12   function decryptBody (req, res, next) {
  13     var url = req.body.signature.url
  14     Pods.findByUrl(url, function (err, pod) {
  15       if (err) {
  16         logger.error('Cannot get signed url in decryptBody.', { error: err })
  17         return res.sendStatus(500)
  18       }
  19
  20       if (pod === null) {
  21         logger.error('Unknown pod %s.', url)
  22         return res.sendStatus(403)
  23       }
  24
  25       logger.debug('Decrypting body from %s.', url)
  26
  27       var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
  28
  29       if (signature_ok === true) {
  30         peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
  31           if (err) {
  32             logger.error('Cannot decrypt data.', { error: err })
  33             return res.sendStatus(500)
  34           }
  35
  36           req.body.data = JSON.parse(decrypted)
  37           delete req.body.key
  38
  39           next()
  40         })
  41       } else {
  42         logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
  43         return res.sendStatus(403)
  44       }
  45     })
  46   }
  47
  48   // ---------------------------------------------------------------------------
  49
  50   module.exports = secureMiddleware
  51 })()