]>
git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/middlewares/secure.js
bfd28316a3b1551c38508cd09b59510596fb80c6
3 var logger
= require('../helpers/logger')
4 var peertubeCrypto
= require('../helpers/peertubeCrypto')
5 var Pods
= require('../models/pods')
7 var secureMiddleware
= {
8 decryptBody: decryptBody
11 function decryptBody (req
, res
, next
) {
12 var url
= req
.body
.signature
.url
13 Pods
.findByUrl(url
, function (err
, pod
) {
15 logger
.error('Cannot get signed url in decryptBody.', { error: err
})
16 return res
.sendStatus(500)
20 logger
.error('Unknown pod %s.', url
)
21 return res
.sendStatus(403)
24 logger
.debug('Decrypting body from %s.', url
)
26 var signature_ok
= peertubeCrypto
.checkSignature(pod
.publicKey
, url
, req
.body
.signature
.signature
)
28 if (signature_ok
=== true) {
29 peertubeCrypto
.decrypt(req
.body
.key
, req
.body
.data
, function (err
, decrypted
) {
31 logger
.error('Cannot decrypt data.', { error: err
})
32 return res
.sendStatus(500)
35 req
.body
.data
= JSON
.parse(decrypted
)
41 logger
.error('Signature is not okay in decryptBody for %s.', req
.body
.signature
.url
)
42 return res
.sendStatus(403)
47 // ---------------------------------------------------------------------------
49 module
.exports
= secureMiddleware