diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2016-03-07 11:33:59 +0100 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2016-03-07 11:33:59 +0100 |
commit | b9a3e09ad5a7673f64556d1dba122ed4c4fac980 (patch) | |
tree | 66d4928b82af19a2372a2505822233884f3fd471 /middlewares/secure.js | |
parent | b2ff5e3e686eb552c5ccd64ce67b0455972ceef0 (diff) | |
download | PeerTube-b9a3e09ad5a7673f64556d1dba122ed4c4fac980.tar.gz PeerTube-b9a3e09ad5a7673f64556d1dba122ed4c4fac980.tar.zst PeerTube-b9a3e09ad5a7673f64556d1dba122ed4c4fac980.zip |
Prepare folders structure for angular app
Diffstat (limited to 'middlewares/secure.js')
-rw-r--r-- | middlewares/secure.js | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/middlewares/secure.js b/middlewares/secure.js deleted file mode 100644 index bfd28316a..000000000 --- a/middlewares/secure.js +++ /dev/null | |||
@@ -1,49 +0,0 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | var logger = require('../helpers/logger') | ||
4 | var peertubeCrypto = require('../helpers/peertubeCrypto') | ||
5 | var Pods = require('../models/pods') | ||
6 | |||
7 | var secureMiddleware = { | ||
8 | decryptBody: decryptBody | ||
9 | } | ||
10 | |||
11 | function decryptBody (req, res, next) { | ||
12 | var url = req.body.signature.url | ||
13 | Pods.findByUrl(url, function (err, pod) { | ||
14 | if (err) { | ||
15 | logger.error('Cannot get signed url in decryptBody.', { error: err }) | ||
16 | return res.sendStatus(500) | ||
17 | } | ||
18 | |||
19 | if (pod === null) { | ||
20 | logger.error('Unknown pod %s.', url) | ||
21 | return res.sendStatus(403) | ||
22 | } | ||
23 | |||
24 | logger.debug('Decrypting body from %s.', url) | ||
25 | |||
26 | var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature) | ||
27 | |||
28 | if (signature_ok === true) { | ||
29 | peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) { | ||
30 | if (err) { | ||
31 | logger.error('Cannot decrypt data.', { error: err }) | ||
32 | return res.sendStatus(500) | ||
33 | } | ||
34 | |||
35 | req.body.data = JSON.parse(decrypted) | ||
36 | delete req.body.key | ||
37 | |||
38 | next() | ||
39 | }) | ||
40 | } else { | ||
41 | logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) | ||
42 | return res.sendStatus(403) | ||
43 | } | ||
44 | }) | ||
45 | } | ||
46 | |||
47 | // --------------------------------------------------------------------------- | ||
48 | |||
49 | module.exports = secureMiddleware | ||