X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fsecure.js;h=b6e6d818b91995561b98f06df70459a6315e3360;hb=99fe265a5fc077cb66c322e7f3d191ff7110aea0;hp=ad7b0fbf7ed0887cc5ddc0d1756f9ca6354c7d59;hpb=bc503c2a62dcf9aed6b8d90b68f0f27a7755ac01;p=github%2FChocobozzz%2FPeerTube.git
diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js
index ad7b0fbf7..b6e6d818b 100644
--- a/server/middlewares/secure.js
+++ b/server/middlewares/secure.js
@@ -1,46 +1,47 @@
 'use strict'
+const db = require('../initializers/database')
 const logger = require('../helpers/logger')
-const peertubeCrypto = require('../helpers/peertubeCrypto')
-const Pods = require('../models/pods')
+const peertubeCrypto = require('../helpers/peertube-crypto')
 const secureMiddleware = {
- decryptBody: decryptBody
+ checkSignature
 }
-function decryptBody (req, res, next) {
- const url = req.body.signature.url
- Pods.findByUrl(url, function (err, pod) {
+function checkSignature (req, res, next) {
+ const host = req.body.signature.host
+ db.Pod.loadByHost(host, function (err, pod) {
 if (err) {
- logger.error('Cannot get signed url in decryptBody.', { error: err })
+ logger.error('Cannot get signed host in body.', { error: err })
 return res.sendStatus(500)
 }
 if (pod === null) {
- logger.error('Unknown pod %s.', url)
+ logger.error('Unknown pod %s.', host)
 return res.sendStatus(403)
 }
- logger.debug('Decrypting body from %s.', url)
+ logger.debug('Checking signature from %s.', host)
- const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
+ let signatureShouldBe
+ if (req.body.data) {
+ signatureShouldBe = req.body.data
+ } else {
+ signatureShouldBe = host
+ }
- if (signatureOk === true) {
- peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
- if (err) {
- logger.error('Cannot decrypt data.', { error: err })
- return res.sendStatus(500)
- }
+ const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature)
- req.body.data = JSON.parse(decrypted)
- delete req.body.key
+ if (signatureOk === true) {
+ res.locals.secure = {
+ pod
+ }
- next()
- })
- } else {
- logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
- return res.sendStatus(403)
+ return next()
 }
+
+ logger.error('Signature is not okay in body for %s.', req.body.signature.host)
+ return res.sendStatus(403)
 })
 }
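Review bot: In `checkSignature`, the verified message is either `req.body.data` or, when that is falsy, just `host`, so the signature never covers the request's destination or any freshness value. The host-only branch verifies a constant per pod, which means a signature observed once stays acceptable for every later data-less request, and a signed `data` payload is not bound to the endpoint it was sent to. Consider verifying a structure that includes the host, the request path and a timestamp or nonce, and rejecting stale or repeated values here; that needs a matching change in the signer, which is outside this hunk. Separately, `req.body.signature.host` is dereferenced without a guard, so unless an earlier validator guarantees the field, add `if (!req.body.signature) return res.sendStatus(400)` before it.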