1 files changed, 49 insertions, 51 deletions
diff --git a/middlewares/secure.js b/middlewares/secure.js
index b7a18ad3e..bfd28316a 100644
--- a/middlewares/secure.js
+++ b/middlewares/secure.js
@@ -1,51 +1,49 @@
-;(function () {
+'use strict'
-  'use strict'
+var logger = require('../helpers/logger')
-  var logger = require('../helpers/logger')
+var peertubeCrypto = require('../helpers/peertubeCrypto')
-  var peertubeCrypto = require('../helpers/peertubeCrypto')
+var Pods = require('../models/pods')
-  var Pods = require('../models/pods')
+var secureMiddleware = {
-  var secureMiddleware = {
+  decryptBody: decryptBody
-    decryptBody: decryptBody
+}
-  }
+function decryptBody (req, res, next) {
-  function decryptBody (req, res, next) {
+  var url = req.body.signature.url
-    var url = req.body.signature.url
+  Pods.findByUrl(url, function (err, pod) {
-    Pods.findByUrl(url, function (err, pod) {
+    if (err) {
-      if (err) {
+      logger.error('Cannot get signed url in decryptBody.', { error: err })
-        logger.error('Cannot get signed url in decryptBody.', { error: err })
+      return res.sendStatus(500)
-        return res.sendStatus(500)
+    }
-      }
+    if (pod === null) {
-      if (pod === null) {
+      logger.error('Unknown pod %s.', url)
-        logger.error('Unknown pod %s.', url)
+      return res.sendStatus(403)
-        return res.sendStatus(403)
+    }
-      }
+    logger.debug('Decrypting body from %s.', url)
-      logger.debug('Decrypting body from %s.', url)
+    var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
-      var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
+    if (signature_ok === true) {
-      if (signature_ok === true) {
+      peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
-        peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
+        if (err) {
-          if (err) {
+          logger.error('Cannot decrypt data.', { error: err })
-            logger.error('Cannot decrypt data.', { error: err })
+          return res.sendStatus(500)
-            return res.sendStatus(500)
+        }
-          }
+        req.body.data = JSON.parse(decrypted)
-          req.body.data = JSON.parse(decrypted)
+        delete req.body.key
-          delete req.body.key
+        next()
-          next()
+      })
-        })
+    } else {
-      } else {
+      logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
-        logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
+      return res.sendStatus(403)
-        return res.sendStatus(403)
+    }
-      }
+  })
-    })
+}
-  }
+// ---------------------------------------------------------------------------
-  // ---------------------------------------------------------------------------
+module.exports = secureMiddleware
-  module.exports = secureMiddleware
-})()

diff --git a/middlewares/secure.js b/middlewares/secure.js index b7a18ad3e..bfd28316a 100644 --- a/middlewares/secure.js +++ b/middlewares/secure.js
@@ -1,51 +1,49 @@
1	;(function () {	1	'use strict'
2	'use strict'	2
3		3	var logger = require('../helpers/logger')
4	var logger = require('../helpers/logger')	4	var peertubeCrypto = require('../helpers/peertubeCrypto')
5	var peertubeCrypto = require('../helpers/peertubeCrypto')	5	var Pods = require('../models/pods')
6	var Pods = require('../models/pods')	6
7		7	var secureMiddleware = {
8	var secureMiddleware = {	8	decryptBody: decryptBody
9	decryptBody: decryptBody	9	}
10	}	10
11		11	function decryptBody (req, res, next) {
12	function decryptBody (req, res, next) {	12	var url = req.body.signature.url
13	var url = req.body.signature.url	13	Pods.findByUrl(url, function (err, pod) {
14	Pods.findByUrl(url, function (err, pod) {	14	if (err) {
15	if (err) {	15	logger.error('Cannot get signed url in decryptBody.', { error: err })
16	logger.error('Cannot get signed url in decryptBody.', { error: err })	16	return res.sendStatus(500)
17	return res.sendStatus(500)	17	}
18	}	18
19		19	if (pod === null) {
20	if (pod === null) {	20	logger.error('Unknown pod %s.', url)
21	logger.error('Unknown pod %s.', url)	21	return res.sendStatus(403)
22	return res.sendStatus(403)	22	}
23	}	23
24		24	logger.debug('Decrypting body from %s.', url)
25	logger.debug('Decrypting body from %s.', url)	25
26		26	var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
27	var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)	27
28		28	if (signature_ok === true) {
29	if (signature_ok === true) {	29	peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
30	peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {	30	if (err) {
31	if (err) {	31	logger.error('Cannot decrypt data.', { error: err })
32	logger.error('Cannot decrypt data.', { error: err })	32	return res.sendStatus(500)
33	return res.sendStatus(500)	33	}
34	}	34
35		35	req.body.data = JSON.parse(decrypted)
36	req.body.data = JSON.parse(decrypted)	36	delete req.body.key
37	delete req.body.key	37
38		38	next()
39	next()	39	})
40	})	40	} else {
41	} else {	41	logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
42	logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)	42	return res.sendStatus(403)
43	return res.sendStatus(403)	43	}
44	}	44	})
45	})	45	}
46	}	46
47		47	// ---------------------------------------------------------------------------
48	// ---------------------------------------------------------------------------	48
49		49	module.exports = secureMiddleware
50	module.exports = secureMiddleware
51	})()