import * as helmet from 'helmet'
import * as useragent from 'useragent'
import * as anonymize from 'ip-anonymize'
+import * as cli from 'commander'
process.title = 'peertube'
// Do not use barrels because we don't want to load all modules here (we need to initialize database first)
import { logger } from './server/helpers/logger'
-import { API_VERSION, CONFIG, CACHE } from './server/initializers/constants'
+import { API_VERSION, CONFIG, CACHE, HTTP_SIGNATURE } from './server/initializers/constants'
const missed = checkMissedConfig()
if (missed.length !== 0) {
import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler'
import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler'
import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler'
+import { isHTTPSignatureDigestValid } from './server/helpers/peertube-crypto'
// ----------- Command line -----------
+cli
+ .option('--no-client', 'Start PeerTube without client interface')
+ .parse(process.argv)
+
// ----------- App -----------
// Enable CORS for develop
app.use(bodyParser.urlencoded({ extended: false }))
app.use(bodyParser.json({
type: [ 'application/json', 'application/*+json' ],
- limit: '500kb'
+ limit: '500kb',
+ verify: (req: express.Request, _, buf: Buffer, encoding: string) => {
+ const valid = isHTTPSignatureDigestValid(buf, req)
+ if (valid !== true) throw new Error('Invalid digest')
+ }
}))
// Cookies
app.use(cookieParser())
app.use('/', staticRouter)
// Client files, last valid routes!
-app.use('/', clientsRouter)
+if (cli.client) app.use('/', clientsRouter)
// ----------- Errors -----------