]>
git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - middlewares/secure.js
b7a18ad3e7500bdf761fe4fa27b049291beb683e
4 var logger
= require('../helpers/logger')
5 var peertubeCrypto
= require('../helpers/peertubeCrypto')
6 var Pods
= require('../models/pods')
8 var secureMiddleware
= {
9 decryptBody: decryptBody
12 function decryptBody (req
, res
, next
) {
13 var url
= req
.body
.signature
.url
14 Pods
.findByUrl(url
, function (err
, pod
) {
16 logger
.error('Cannot get signed url in decryptBody.', { error: err
})
17 return res
.sendStatus(500)
21 logger
.error('Unknown pod %s.', url
)
22 return res
.sendStatus(403)
25 logger
.debug('Decrypting body from %s.', url
)
27 var signature_ok
= peertubeCrypto
.checkSignature(pod
.publicKey
, url
, req
.body
.signature
.signature
)
29 if (signature_ok
=== true) {
30 peertubeCrypto
.decrypt(req
.body
.key
, req
.body
.data
, function (err
, decrypted
) {
32 logger
.error('Cannot decrypt data.', { error: err
})
33 return res
.sendStatus(500)
36 req
.body
.data
= JSON
.parse(decrypted
)
42 logger
.error('Signature is not okay in decryptBody for %s.', req
.body
.signature
.url
)
43 return res
.sendStatus(403)
48 // ---------------------------------------------------------------------------
50 module
.exports
= secureMiddleware