]>
git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/middlewares/secure.js
3 const logger
= require('../helpers/logger')
4 const peertubeCrypto
= require('../helpers/peertubeCrypto')
5 const Pods
= require('../models/pods')
7 const secureMiddleware
= {
8 decryptBody: decryptBody
11 function decryptBody (req
, res
, next
) {
12 const url
= req
.body
.signature
.url
13 Pods
.findByUrl(url
, function (err
, pod
) {
15 logger
.error('Cannot get signed url in decryptBody.', { error: err
})
16 return res
.sendStatus(500)
20 logger
.error('Unknown pod %s.', url
)
21 return res
.sendStatus(403)
24 logger
.debug('Decrypting body from %s.', url
)
26 const signatureOk
= peertubeCrypto
.checkSignature(pod
.publicKey
, url
, req
.body
.signature
.signature
)
28 if (signatureOk
=== true) {
29 peertubeCrypto
.decrypt(req
.body
.key
, req
.body
.data
, function (err
, decrypted
) {
31 logger
.error('Cannot decrypt data.', { error: err
})
32 return res
.sendStatus(500)
35 req
.body
.data
= JSON
.parse(decrypted
)
41 logger
.error('Signature is not okay in decryptBody for %s.', req
.body
.signature
.url
)
42 return res
.sendStatus(403)
47 // ---------------------------------------------------------------------------
49 module
.exports
= secureMiddleware