aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/secure.js
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2016-11-27 18:25:35 +0100
committerChocobozzz <florian.bigard@gmail.com>2016-11-27 18:25:35 +0100
commit38d78e5b82a30d1318e3cc2532b7ea22b8e163fa (patch)
tree3c4cdab683caf1e30c6e76ba78efeb0431fec932 /server/middlewares/secure.js
parentbf57d5eebf8b0fa2361b7973ce9772abd1bb4828 (diff)
downloadPeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.gz
PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.zst
PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.zip
Server: remove encryption when seending requests to other pods
We don't need it anymore since HTTPS is mandatory now
Diffstat (limited to 'server/middlewares/secure.js')
-rw-r--r--server/middlewares/secure.js28
1 files changed, 4 insertions, 24 deletions
diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js
index fd5bc51d6..ee836beed 100644
--- a/server/middlewares/secure.js
+++ b/server/middlewares/secure.js
@@ -7,15 +7,14 @@ const peertubeCrypto = require('../helpers/peertube-crypto')
7const Pod = mongoose.model('Pod') 7const Pod = mongoose.model('Pod')
8 8
9const secureMiddleware = { 9const secureMiddleware = {
10 checkSignature, 10 checkSignature
11 decryptBody
12} 11}
13 12
14function checkSignature (req, res, next) { 13function checkSignature (req, res, next) {
15 const host = req.body.signature.host 14 const host = req.body.signature.host
16 Pod.loadByHost(host, function (err, pod) { 15 Pod.loadByHost(host, function (err, pod) {
17 if (err) { 16 if (err) {
18 logger.error('Cannot get signed host in decryptBody.', { error: err }) 17 logger.error('Cannot get signed host in body.', { error: err })
19 return res.sendStatus(500) 18 return res.sendStatus(500)
20 } 19 }
21 20
@@ -24,7 +23,7 @@ function checkSignature (req, res, next) {
24 return res.sendStatus(403) 23 return res.sendStatus(403)
25 } 24 }
26 25
27 logger.debug('Decrypting body from %s.', host) 26 logger.debug('Checking signature from %s.', host)
28 27
29 const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature) 28 const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature)
30 29
@@ -32,30 +31,11 @@ function checkSignature (req, res, next) {
32 return next() 31 return next()
33 } 32 }
34 33
35 logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.host) 34 logger.error('Signature is not okay in body for %s.', req.body.signature.host)
36 return res.sendStatus(403) 35 return res.sendStatus(403)
37 }) 36 })
38} 37}
39 38
40function decryptBody (req, res, next) {
41 peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
42 if (err) {
43 logger.error('Cannot decrypt data.', { error: err })
44 return res.sendStatus(500)
45 }
46
47 try {
48 req.body.data = JSON.parse(decrypted)
49 delete req.body.key
50 } catch (err) {
51 logger.error('Error in JSON.parse', { error: err })
52 return res.sendStatus(500)
53 }
54
55 next()
56 })
57}
58
59// --------------------------------------------------------------------------- 39// ---------------------------------------------------------------------------
60 40
61module.exports = secureMiddleware 41module.exports = secureMiddleware