'use strict'
-var logger = require('../helpers/logger')
-var peertubeCrypto = require('../helpers/peertubeCrypto')
-var Pods = require('../models/pods')
+const logger = require('../helpers/logger')
+const mongoose = require('mongoose')
+const peertubeCrypto = require('../helpers/peertube-crypto')
-var secureMiddleware = {
+const Pod = mongoose.model('Pod')
+
+const secureMiddleware = {
decryptBody: decryptBody
}
function decryptBody (req, res, next) {
- var url = req.body.signature.url
- Pods.findByUrl(url, function (err, pod) {
+ const url = req.body.signature.url
+ Pod.loadByUrl(url, function (err, pod) {
if (err) {
logger.error('Cannot get signed url in decryptBody.', { error: err })
return res.sendStatus(500)
logger.debug('Decrypting body from %s.', url)
- var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
+ const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
- if (signature_ok === true) {
+ if (signatureOk === true) {
peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
if (err) {
logger.error('Cannot decrypt data.', { error: err })
return res.sendStatus(500)
}
- req.body.data = JSON.parse(decrypted)
- delete req.body.key
+ try {
+ req.body.data = JSON.parse(decrypted)
+ delete req.body.key
+ } catch (err) {
+ logger.error('Error in JSON.parse', { error: err })
+ return res.sendStatus(500)
+ }
next()
})