diff options
author | Chocobozzz <me@florianbigard.com> | 2022-10-26 16:23:39 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2022-10-27 09:13:10 +0200 |
commit | 5a122dddc5aab1b2ae1843411032d5f392bdd216 (patch) | |
tree | 39778c4372c4b371f1294c94bf22d8a6e7a26456 /server/controllers | |
parent | 49e7e4d9ffd16cba7a721f6d3d3203decf4f4b2c (diff) | |
download | PeerTube-5a122dddc5aab1b2ae1843411032d5f392bdd216.tar.gz PeerTube-5a122dddc5aab1b2ae1843411032d5f392bdd216.tar.zst PeerTube-5a122dddc5aab1b2ae1843411032d5f392bdd216.zip |
Option to disable static files auth check/s3 proxy
Diffstat (limited to 'server/controllers')
-rw-r--r-- | server/controllers/object-storage-proxy.ts | 8 | ||||
-rw-r--r-- | server/controllers/static.ts | 20 |
2 files changed, 24 insertions, 4 deletions
diff --git a/server/controllers/object-storage-proxy.ts b/server/controllers/object-storage-proxy.ts index 6fedcfd8f..3ce279671 100644 --- a/server/controllers/object-storage-proxy.ts +++ b/server/controllers/object-storage-proxy.ts | |||
@@ -1,11 +1,13 @@ | |||
1 | import cors from 'cors' | 1 | import cors from 'cors' |
2 | import express from 'express' | 2 | import express from 'express' |
3 | import { logger } from '@server/helpers/logger' | ||
3 | import { OBJECT_STORAGE_PROXY_PATHS } from '@server/initializers/constants' | 4 | import { OBJECT_STORAGE_PROXY_PATHS } from '@server/initializers/constants' |
4 | import { getHLSFileReadStream, getWebTorrentFileReadStream } from '@server/lib/object-storage' | 5 | import { getHLSFileReadStream, getWebTorrentFileReadStream } from '@server/lib/object-storage' |
5 | import { | 6 | import { |
6 | asyncMiddleware, | 7 | asyncMiddleware, |
7 | ensureCanAccessPrivateVideoHLSFiles, | 8 | ensureCanAccessPrivateVideoHLSFiles, |
8 | ensureCanAccessVideoPrivateWebTorrentFiles, | 9 | ensureCanAccessVideoPrivateWebTorrentFiles, |
10 | ensurePrivateObjectStorageProxyIsEnabled, | ||
9 | optionalAuthenticate | 11 | optionalAuthenticate |
10 | } from '@server/middlewares' | 12 | } from '@server/middlewares' |
11 | import { HttpStatusCode } from '@shared/models' | 13 | import { HttpStatusCode } from '@shared/models' |
@@ -15,12 +17,14 @@ const objectStorageProxyRouter = express.Router() | |||
15 | objectStorageProxyRouter.use(cors()) | 17 | objectStorageProxyRouter.use(cors()) |
16 | 18 | ||
17 | objectStorageProxyRouter.get(OBJECT_STORAGE_PROXY_PATHS.PRIVATE_WEBSEED + ':filename', | 19 | objectStorageProxyRouter.get(OBJECT_STORAGE_PROXY_PATHS.PRIVATE_WEBSEED + ':filename', |
20 | ensurePrivateObjectStorageProxyIsEnabled, | ||
18 | optionalAuthenticate, | 21 | optionalAuthenticate, |
19 | asyncMiddleware(ensureCanAccessVideoPrivateWebTorrentFiles), | 22 | asyncMiddleware(ensureCanAccessVideoPrivateWebTorrentFiles), |
20 | asyncMiddleware(proxifyWebTorrent) | 23 | asyncMiddleware(proxifyWebTorrent) |
21 | ) | 24 | ) |
22 | 25 | ||
23 | objectStorageProxyRouter.get(OBJECT_STORAGE_PROXY_PATHS.STREAMING_PLAYLISTS.PRIVATE_HLS + ':videoUUID/:filename', | 26 | objectStorageProxyRouter.get(OBJECT_STORAGE_PROXY_PATHS.STREAMING_PLAYLISTS.PRIVATE_HLS + ':videoUUID/:filename', |
27 | ensurePrivateObjectStorageProxyIsEnabled, | ||
24 | optionalAuthenticate, | 28 | optionalAuthenticate, |
25 | asyncMiddleware(ensureCanAccessPrivateVideoHLSFiles), | 29 | asyncMiddleware(ensureCanAccessPrivateVideoHLSFiles), |
26 | asyncMiddleware(proxifyHLS) | 30 | asyncMiddleware(proxifyHLS) |
@@ -35,6 +39,8 @@ export { | |||
35 | async function proxifyWebTorrent (req: express.Request, res: express.Response) { | 39 | async function proxifyWebTorrent (req: express.Request, res: express.Response) { |
36 | const filename = req.params.filename | 40 | const filename = req.params.filename |
37 | 41 | ||
42 | logger.debug('Proxifying WebTorrent file %s from object storage.', filename) | ||
43 | |||
38 | try { | 44 | try { |
39 | const stream = await getWebTorrentFileReadStream({ | 45 | const stream = await getWebTorrentFileReadStream({ |
40 | filename, | 46 | filename, |
@@ -52,6 +58,8 @@ async function proxifyHLS (req: express.Request, res: express.Response) { | |||
52 | const video = res.locals.onlyVideo | 58 | const video = res.locals.onlyVideo |
53 | const filename = req.params.filename | 59 | const filename = req.params.filename |
54 | 60 | ||
61 | logger.debug('Proxifying HLS file %s from object storage.', filename) | ||
62 | |||
55 | try { | 63 | try { |
56 | const stream = await getHLSFileReadStream({ | 64 | const stream = await getHLSFileReadStream({ |
57 | playlist: playlist.withVideo(video), | 65 | playlist: playlist.withVideo(video), |
diff --git a/server/controllers/static.ts b/server/controllers/static.ts index dc091455a..6ef9154b9 100644 --- a/server/controllers/static.ts +++ b/server/controllers/static.ts | |||
@@ -15,11 +15,17 @@ const staticRouter = express.Router() | |||
15 | // Cors is very important to let other servers access torrent and video files | 15 | // Cors is very important to let other servers access torrent and video files |
16 | staticRouter.use(cors()) | 16 | staticRouter.use(cors()) |
17 | 17 | ||
18 | // --------------------------------------------------------------------------- | ||
18 | // WebTorrent/Classic videos | 19 | // WebTorrent/Classic videos |
20 | // --------------------------------------------------------------------------- | ||
21 | |||
22 | const privateWebTorrentStaticMiddlewares = CONFIG.STATIC_FILES.PRIVATE_FILES_REQUIRE_AUTH === true | ||
23 | ? [ optionalAuthenticate, asyncMiddleware(ensureCanAccessVideoPrivateWebTorrentFiles) ] | ||
24 | : [] | ||
25 | |||
19 | staticRouter.use( | 26 | staticRouter.use( |
20 | STATIC_PATHS.PRIVATE_WEBSEED, | 27 | STATIC_PATHS.PRIVATE_WEBSEED, |
21 | optionalAuthenticate, | 28 | ...privateWebTorrentStaticMiddlewares, |
22 | asyncMiddleware(ensureCanAccessVideoPrivateWebTorrentFiles), | ||
23 | express.static(DIRECTORIES.VIDEOS.PRIVATE, { fallthrough: false }), | 29 | express.static(DIRECTORIES.VIDEOS.PRIVATE, { fallthrough: false }), |
24 | handleStaticError | 30 | handleStaticError |
25 | ) | 31 | ) |
@@ -35,11 +41,17 @@ staticRouter.use( | |||
35 | handleStaticError | 41 | handleStaticError |
36 | ) | 42 | ) |
37 | 43 | ||
44 | // --------------------------------------------------------------------------- | ||
38 | // HLS | 45 | // HLS |
46 | // --------------------------------------------------------------------------- | ||
47 | |||
48 | const privateHLSStaticMiddlewares = CONFIG.STATIC_FILES.PRIVATE_FILES_REQUIRE_AUTH === true | ||
49 | ? [ optionalAuthenticate, asyncMiddleware(ensureCanAccessPrivateVideoHLSFiles) ] | ||
50 | : [] | ||
51 | |||
39 | staticRouter.use( | 52 | staticRouter.use( |
40 | STATIC_PATHS.STREAMING_PLAYLISTS.PRIVATE_HLS, | 53 | STATIC_PATHS.STREAMING_PLAYLISTS.PRIVATE_HLS, |
41 | optionalAuthenticate, | 54 | ...privateHLSStaticMiddlewares, |
42 | asyncMiddleware(ensureCanAccessPrivateVideoHLSFiles), | ||
43 | express.static(DIRECTORIES.HLS_STREAMING_PLAYLIST.PRIVATE, { fallthrough: false }), | 55 | express.static(DIRECTORIES.HLS_STREAMING_PLAYLIST.PRIVATE, { fallthrough: false }), |
44 | handleStaticError | 56 | handleStaticError |
45 | ) | 57 | ) |