X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fsecure.js;h=ee836beed45059ce362f30e104db46bb13c054a3;hb=38d78e5b82a30d1318e3cc2532b7ea22b8e163fa;hp=58f824d14cbb4561f00d42c42d2c214e9640ea03;hpb=c4403b29ad4db097af528a7f04eea07e0ed320d0;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js
index 58f824d14..ee836beed 100644
--- a/server/middlewares/secure.js
+++ b/server/middlewares/secure.js
@@ -7,55 +7,35 @@ const peertubeCrypto = require('../helpers/peertube-crypto')
 const Pod = mongoose.model('Pod')
 
 const secureMiddleware = {
-  checkSignature,
-  decryptBody
+  checkSignature
 }
 
 function checkSignature (req, res, next) {
-  const url = req.body.signature.url
-  Pod.loadByUrl(url, function (err, pod) {
+  const host = req.body.signature.host
+  Pod.loadByHost(host, function (err, pod) {
     if (err) {
-      logger.error('Cannot get signed url in decryptBody.', { error: err })
+      logger.error('Cannot get signed host in body.', { error: err })
       return res.sendStatus(500)
     }
 
     if (pod === null) {
-      logger.error('Unknown pod %s.', url)
+      logger.error('Unknown pod %s.', host)
       return res.sendStatus(403)
     }
 
-    logger.debug('Decrypting body from %s.', url)
+    logger.debug('Checking signature from %s.', host)
 
-    const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
+    const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature)
 
     if (signatureOk === true) {
       return next()
     }
 
-    logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
+    logger.error('Signature is not okay in body for %s.', req.body.signature.host)
     return res.sendStatus(403)
   })
 }
 
-function decryptBody (req, res, next) {
-  peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
-    if (err) {
-      logger.error('Cannot decrypt data.', { error: err })
-      return res.sendStatus(500)
-    }
-
-    try {
-      req.body.data = JSON.parse(decrypted)
-      delete req.body.key
-    } catch (err) {
-      logger.error('Error in JSON.parse', { error: err })
-      return res.sendStatus(500)
-    }
-
-    next()
-  })
-}
-
 // ---------------------------------------------------------------------------
 
 module.exports = secureMiddleware