Diffstat (limited to 'middlewares')
-rw-r--r-- | middlewares/cache.js | 36 | ||||
-rw-r--r-- | middlewares/index.js | 18 | ||||
-rw-r--r-- | middlewares/reqValidators/index.js | 18 | ||||
-rw-r--r-- | middlewares/reqValidators/pods.js | 80 | ||||
-rw-r--r-- | middlewares/reqValidators/remote.js | 62 | ||||
-rw-r--r-- | middlewares/reqValidators/utils.js | 36 | ||||
-rw-r--r-- | middlewares/reqValidators/videos.js | 106 | ||||
-rw-r--r-- | middlewares/secure.js | 100 |
8 files changed, 220 insertions, 236 deletions
diff --git a/middlewares/cache.js b/middlewares/cache.js index 782165155..0d3da0075 100644 --- a/middlewares/cache.js +++ b/middlewares/cache.js | |||
@@ -1,25 +1,23 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | ||
3 | 2 | ||
4 | var cacheMiddleware = { | 3 | var cacheMiddleware = { |
5 | cache: cache | 4 | cache: cache |
6 | } | 5 | } |
7 | |||
8 | function cache (cache) { | ||
9 | return function (req, res, next) { | ||
10 | // If we want explicitly a cache | ||
11 | // Or if we don't specify if we want a cache or no and we are in production | ||
12 | if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { | ||
13 | res.setHeader('Cache-Control', 'public') | ||
14 | } else { | ||
15 | res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') | ||
16 | } | ||
17 | 6 | ||
18 | next() | 7 | function cache (cache) { |
8 | return function (req, res, next) { | ||
9 | // If we want explicitly a cache | ||
10 | // Or if we don't specify if we want a cache or no and we are in production | ||
11 | if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { | ||
12 | res.setHeader('Cache-Control', 'public') | ||
13 | } else { | ||
14 | res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') | ||
19 | } | 15 | } |
16 | |||
17 | next() | ||
20 | } | 18 | } |
19 | } | ||
21 | 20 | ||
22 | // --------------------------------------------------------------------------- | 21 | // --------------------------------------------------------------------------- |
23 | 22 | ||
24 | module.exports = cacheMiddleware | 23 | module.exports = cacheMiddleware |
25 | })() | ||
diff --git a/middlewares/index.js b/middlewares/index.js index bfe325b1e..c76c4fc2e 100644 --- a/middlewares/index.js +++ b/middlewares/index.js | |||
@@ -1,13 +1,11 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | ||
3 | 2 | ||
4 | var middlewares = { | 3 | var middlewares = { |
5 | cache: require('./cache'), | 4 | cache: require('./cache'), |
6 | reqValidators: require('./reqValidators'), | 5 | reqValidators: require('./reqValidators'), |
7 | secure: require('./secure') | 6 | secure: require('./secure') |
8 | } | 7 | } |
9 | 8 | ||
10 | // --------------------------------------------------------------------------- | 9 | // --------------------------------------------------------------------------- |
11 | 10 | ||
12 | module.exports = middlewares | 11 | module.exports = middlewares |
13 | })() | ||
diff --git a/middlewares/reqValidators/index.js b/middlewares/reqValidators/index.js index 34d34013c..344387a80 100644 --- a/middlewares/reqValidators/index.js +++ b/middlewares/reqValidators/index.js | |||
@@ -1,13 +1,11 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | ||
3 | 2 | ||
4 | var reqValidators = { | 3 | var reqValidators = { |
5 | videos: require('./videos'), | 4 | videos: require('./videos'), |
6 | pods: require('./pods'), | 5 | pods: require('./pods'), |
7 | remote: require('./remote') | 6 | remote: require('./remote') |
8 | } | 7 | } |
9 | 8 | ||
10 | // --------------------------------------------------------------------------- | 9 | // --------------------------------------------------------------------------- |
11 | 10 | ||
12 | module.exports = reqValidators | 11 | module.exports = reqValidators |
13 | })() | ||
diff --git a/middlewares/reqValidators/pods.js b/middlewares/reqValidators/pods.js index 4d649b486..7d1612dde 100644 --- a/middlewares/reqValidators/pods.js +++ b/middlewares/reqValidators/pods.js | |||
@@ -1,41 +1,39 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | 2 | |
3 | 3 | var checkErrors = require('./utils').checkErrors | |
4 | var checkErrors = require('./utils').checkErrors | 4 | var friends = require('../../lib/friends') |
5 | var friends = require('../../lib/friends') | 5 | var logger = require('../../helpers/logger') |
6 | var logger = require('../../helpers/logger') | 6 | |
7 | 7 | var reqValidatorsPod = { | |
8 | var reqValidatorsPod = { | 8 | makeFriends: makeFriends, |
9 | makeFriends: makeFriends, | 9 | podsAdd: podsAdd |
10 | podsAdd: podsAdd | 10 | } |
11 | } | 11 | |
12 | 12 | function makeFriends (req, res, next) { | |
13 | function makeFriends (req, res, next) { | 13 | friends.hasFriends(function (err, has_friends) { |
14 | friends.hasFriends(function (err, has_friends) { | 14 | if (err) { |
15 | if (err) { | 15 | logger.error('Cannot know if we have friends.', { error: err }) |
16 | logger.error('Cannot know if we have friends.', { error: err }) | 16 | res.sendStatus(500) |
17 | res.sendStatus(500) | 17 | } |
18 | } | 18 | |
19 | 19 | if (has_friends === true) { | |
20 | if (has_friends === true) { | 20 | // We need to quit our friends before make new ones |
21 | // We need to quit our friends before make new ones | 21 | res.sendStatus(409) |
22 | res.sendStatus(409) | 22 | } else { |
23 | } else { | 23 | next() |
24 | next() | 24 | } |
25 | } | 25 | }) |
26 | }) | 26 | } |
27 | } | 27 | |
28 | 28 | function podsAdd (req, res, next) { | |
29 | function podsAdd (req, res, next) { | 29 | req.checkBody('data.url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) |
30 | req.checkBody('data.url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) | 30 | req.checkBody('data.publicKey', 'Should have a public key').notEmpty() |
31 | req.checkBody('data.publicKey', 'Should have a public key').notEmpty() | 31 | |
32 | 32 | logger.debug('Checking podsAdd parameters', { parameters: req.body }) | |
33 | logger.debug('Checking podsAdd parameters', { parameters: req.body }) | 33 | |
34 | 34 | checkErrors(req, res, next) | |
35 | checkErrors(req, res, next) | 35 | } |
36 | } | 36 | |
37 | 37 | // --------------------------------------------------------------------------- | |
38 | // --------------------------------------------------------------------------- | 38 | |
39 | 39 | module.exports = reqValidatorsPod | |
40 | module.exports = reqValidatorsPod | ||
41 | })() | ||
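Review bot: In `makeFriends`, the `if (err)` branch sends a 500 but does not return, so execution falls through to the `has_friends` check. On an error `has_friends` is presumably not `true`, so the `else` branch calls `next()` and the request continues down the chain after a response has already been sent; the validator fails open on a lookup error. End the handler in that branch with `return res.sendStatus(500)`. The same missing `return` after `res.sendStatus(500)` appears in `videosGet` and `videosRemove` in middlewares/reqValidators/videos.js, where the following `state.exist` read would throw if `state` is undefined.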
diff --git a/middlewares/reqValidators/remote.js b/middlewares/reqValidators/remote.js index 9b61481ad..88de16b49 100644 --- a/middlewares/reqValidators/remote.js +++ b/middlewares/reqValidators/remote.js | |||
@@ -1,45 +1,43 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | ||
3 | 2 | ||
4 | var checkErrors = require('./utils').checkErrors | 3 | var checkErrors = require('./utils').checkErrors |
5 | var logger = require('../../helpers/logger') | 4 | var logger = require('../../helpers/logger') |
6 | 5 | ||
7 | var reqValidatorsRemote = { | 6 | var reqValidatorsRemote = { |
8 | remoteVideosAdd: remoteVideosAdd, | 7 | remoteVideosAdd: remoteVideosAdd, |
9 | remoteVideosRemove: remoteVideosRemove, | 8 | remoteVideosRemove: remoteVideosRemove, |
10 | secureRequest: secureRequest | 9 | secureRequest: secureRequest |
11 | } | 10 | } |
12 | 11 | ||
13 | function remoteVideosAdd (req, res, next) { | 12 | function remoteVideosAdd (req, res, next) { |
14 | req.checkBody('data').isArray() | 13 | req.checkBody('data').isArray() |
15 | req.checkBody('data').eachIsRemoteVideosAddValid() | 14 | req.checkBody('data').eachIsRemoteVideosAddValid() |
16 | 15 | ||
17 | logger.debug('Checking remoteVideosAdd parameters', { parameters: req.body }) | 16 | logger.debug('Checking remoteVideosAdd parameters', { parameters: req.body }) |
18 | 17 | ||
19 | checkErrors(req, res, next) | 18 | checkErrors(req, res, next) |
20 | } | 19 | } |
21 | 20 | ||
22 | function remoteVideosRemove (req, res, next) { | 21 | function remoteVideosRemove (req, res, next) { |
23 | req.checkBody('data').isArray() | 22 | req.checkBody('data').isArray() |
24 | req.checkBody('data').eachIsRemoteVideosRemoveValid() | 23 | req.checkBody('data').eachIsRemoteVideosRemoveValid() |
25 | 24 | ||
26 | logger.debug('Checking remoteVideosRemove parameters', { parameters: req.body }) | 25 | logger.debug('Checking remoteVideosRemove parameters', { parameters: req.body }) |
27 | 26 | ||
28 | checkErrors(req, res, next) | 27 | checkErrors(req, res, next) |
29 | } | 28 | } |
30 | 29 | ||
31 | function secureRequest (req, res, next) { | 30 | function secureRequest (req, res, next) { |
32 | req.checkBody('signature.url', 'Should have a signature url').isURL() | 31 | req.checkBody('signature.url', 'Should have a signature url').isURL() |
33 | req.checkBody('signature.signature', 'Should have a signature').notEmpty() | 32 | req.checkBody('signature.signature', 'Should have a signature').notEmpty() |
34 | req.checkBody('key', 'Should have a key').notEmpty() | 33 | req.checkBody('key', 'Should have a key').notEmpty() |
35 | req.checkBody('data', 'Should have data').notEmpty() | 34 | req.checkBody('data', 'Should have data').notEmpty() |
36 | 35 | ||
37 | logger.debug('Checking secureRequest parameters', { parameters: { data: req.body.data, keyLength: req.body.key.length } }) | 36 | logger.debug('Checking secureRequest parameters', { parameters: { data: req.body.data, keyLength: req.body.key.length } }) |
38 | 37 | ||
39 | checkErrors(req, res, next) | 38 | checkErrors(req, res, next) |
40 | } | 39 | } |
41 | 40 | ||
42 | // --------------------------------------------------------------------------- | 41 | // --------------------------------------------------------------------------- |
43 | 42 | ||
44 | module.exports = reqValidatorsRemote | 43 | module.exports = reqValidatorsRemote |
45 | })() | ||
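Review bot: In `secureRequest`, the `logger.debug` call reads `req.body.key.length` before `checkErrors` runs, so a body without `key` throws a TypeError instead of receiving the 400 that the `notEmpty()` check on `key` is meant to produce. Guard the read, e.g. `keyLength: req.body.key ? req.body.key.length : 0`, or move the log line after validation has passed. Separately, `signature.url` is validated with a bare `isURL()` while `podsAdd` uses `isURL({ require_protocol: true })`; since `decryptBody` looks the pod up by this URL, the two checks should probably agree.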
diff --git a/middlewares/reqValidators/utils.js b/middlewares/reqValidators/utils.js index c88f6df2e..46c982571 100644 --- a/middlewares/reqValidators/utils.js +++ b/middlewares/reqValidators/utils.js | |||
@@ -1,27 +1,25 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | ||
3 | 2 | ||
4 | var util = require('util') | 3 | var util = require('util') |
5 | 4 | ||
6 | var logger = require('../../helpers/logger') | 5 | var logger = require('../../helpers/logger') |
7 | 6 | ||
8 | var reqValidatorsUtils = { | 7 | var reqValidatorsUtils = { |
9 | checkErrors: checkErrors | 8 | checkErrors: checkErrors |
10 | } | 9 | } |
11 | |||
12 | function checkErrors (req, res, next, status_code) { | ||
13 | if (status_code === undefined) status_code = 400 | ||
14 | var errors = req.validationErrors() | ||
15 | 10 | ||
16 | if (errors) { | 11 | function checkErrors (req, res, next, status_code) { |
17 | logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) | 12 | if (status_code === undefined) status_code = 400 |
18 | return res.status(status_code).send('There have been validation errors: ' + util.inspect(errors)) | 13 | var errors = req.validationErrors() |
19 | } | ||
20 | 14 | ||
21 | return next() | 15 | if (errors) { |
16 | logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) | ||
17 | return res.status(status_code).send('There have been validation errors: ' + util.inspect(errors)) | ||
22 | } | 18 | } |
23 | 19 | ||
24 | // --------------------------------------------------------------------------- | 20 | return next() |
21 | } | ||
22 | |||
23 | // --------------------------------------------------------------------------- | ||
25 | 24 | ||
26 | module.exports = reqValidatorsUtils | 25 | module.exports = reqValidatorsUtils |
27 | })() | ||
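Review bot: `checkErrors` returns `util.inspect(errors)` to the client through `res.send`, which for a string body defaults to a `text/html` content type in Express. If the validation error objects carry the submitted value (express-validator's legacy error shape does, though that is not visible in this hunk), request input is reflected unescaped into an HTML response. The smallest change is to force plain text, `return res.status(status_code).type('text/plain').send('There have been validation errors: ' + util.inspect(errors))`. Returning only the field names and messages would be tighter still, since the full detail is already captured by the `logger.warn` line.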
diff --git a/middlewares/reqValidators/videos.js b/middlewares/reqValidators/videos.js index f7bd24658..4e5f4391f 100644 --- a/middlewares/reqValidators/videos.js +++ b/middlewares/reqValidators/videos.js | |||
@@ -1,76 +1,74 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | ||
3 | 2 | ||
4 | var checkErrors = require('./utils').checkErrors | 3 | var checkErrors = require('./utils').checkErrors |
5 | var logger = require('../../helpers/logger') | 4 | var logger = require('../../helpers/logger') |
6 | var Videos = require('../../models/videos') | 5 | var Videos = require('../../models/videos') |
7 | 6 | ||
8 | var reqValidatorsVideos = { | 7 | var reqValidatorsVideos = { |
9 | videosAdd: videosAdd, | 8 | videosAdd: videosAdd, |
10 | videosGet: videosGet, | 9 | videosGet: videosGet, |
11 | videosRemove: videosRemove, | 10 | videosRemove: videosRemove, |
12 | videosSearch: videosSearch | 11 | videosSearch: videosSearch |
13 | } | 12 | } |
14 | 13 | ||
15 | function videosAdd (req, res, next) { | 14 | function videosAdd (req, res, next) { |
16 | req.checkFiles('input_video[0].originalname', 'Should have an input video').notEmpty() | 15 | req.checkFiles('input_video[0].originalname', 'Should have an input video').notEmpty() |
17 | req.checkFiles('input_video[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) | 16 | req.checkFiles('input_video[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) |
18 | req.checkBody('name', 'Should have a name').isLength(1, 50) | 17 | req.checkBody('name', 'Should have a name').isLength(1, 50) |
19 | req.checkBody('description', 'Should have a description').isLength(1, 250) | 18 | req.checkBody('description', 'Should have a description').isLength(1, 250) |
20 | 19 | ||
21 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) | 20 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) |
22 | 21 | ||
23 | checkErrors(req, res, next) | 22 | checkErrors(req, res, next) |
24 | } | 23 | } |
25 | 24 | ||
26 | function videosGet (req, res, next) { | 25 | function videosGet (req, res, next) { |
27 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | 26 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() |
28 | 27 | ||
29 | logger.debug('Checking videosGet parameters', { parameters: req.params }) | 28 | logger.debug('Checking videosGet parameters', { parameters: req.params }) |
30 | 29 | ||
31 | checkErrors(req, res, function () { | 30 | checkErrors(req, res, function () { |
32 | Videos.getVideoState(req.params.id, function (err, state) { | 31 | Videos.getVideoState(req.params.id, function (err, state) { |
33 | if (err) { | 32 | if (err) { |
34 | logger.error('Error in videosGet request validator.', { error: err }) | 33 | logger.error('Error in videosGet request validator.', { error: err }) |
35 | res.sendStatus(500) | 34 | res.sendStatus(500) |
36 | } | 35 | } |
37 | 36 | ||
38 | if (state.exist === false) return res.status(404).send('Video not found') | 37 | if (state.exist === false) return res.status(404).send('Video not found') |
39 | 38 | ||
40 | next() | 39 | next() |
41 | }) | ||
42 | }) | 40 | }) |
43 | } | 41 | }) |
42 | } | ||
44 | 43 | ||
45 | function videosRemove (req, res, next) { | 44 | function videosRemove (req, res, next) { |
46 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | 45 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() |
47 | 46 | ||
48 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) | 47 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) |
49 | 48 | ||
50 | checkErrors(req, res, function () { | 49 | checkErrors(req, res, function () { |
51 | Videos.getVideoState(req.params.id, function (err, state) { | 50 | Videos.getVideoState(req.params.id, function (err, state) { |
52 | if (err) { | 51 | if (err) { |
53 | logger.error('Error in videosRemove request validator.', { error: err }) | 52 | logger.error('Error in videosRemove request validator.', { error: err }) |
54 | res.sendStatus(500) | 53 | res.sendStatus(500) |
55 | } | 54 | } |
56 | 55 | ||
57 | if (state.exist === false) return res.status(404).send('Video not found') | 56 | if (state.exist === false) return res.status(404).send('Video not found') |
58 | else if (state.owned === false) return res.status(403).send('Cannot remove video of another pod') | 57 | else if (state.owned === false) return res.status(403).send('Cannot remove video of another pod') |
59 | 58 | ||
60 | next() | 59 | next() |
61 | }) | ||
62 | }) | 60 | }) |
63 | } | 61 | }) |
62 | } | ||
64 | 63 | ||
65 | function videosSearch (req, res, next) { | 64 | function videosSearch (req, res, next) { |
66 | req.checkParams('name', 'Should have a name').notEmpty() | 65 | req.checkParams('name', 'Should have a name').notEmpty() |
67 | 66 | ||
68 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) | 67 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) |
69 | 68 | ||
70 | checkErrors(req, res, next) | 69 | checkErrors(req, res, next) |
71 | } | 70 | } |
72 | 71 | ||
73 | // --------------------------------------------------------------------------- | 72 | // --------------------------------------------------------------------------- |
74 | 73 | ||
75 | module.exports = reqValidatorsVideos | 74 | module.exports = reqValidatorsVideos |
76 | })() | ||
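Review bot: The mime-type pattern in `videosAdd`, `/video\/(webm)|(mp4)|(ogg)/i`, is unanchored and its alternation binds more loosely than the `video\/` prefix, so it accepts any string containing `video/webm`, or just `mp4`, or just `ogg` (for example `application/ogg`). Use `/^video\/(webm|mp4|ogg)$/i` so that only the three intended types pass. The `mimetype` field appears to be the type declared by the uploading client, so even the corrected pattern constrains the declared type only, not the file content; a comment saying so above the check would help the next reader.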
diff --git a/middlewares/secure.js b/middlewares/secure.js index b7a18ad3e..bfd28316a 100644 --- a/middlewares/secure.js +++ b/middlewares/secure.js | |||
@@ -1,51 +1,49 @@ | |||
1 | ;(function () { | 1 | 'use strict' |
2 | 'use strict' | 2 | |
3 | 3 | var logger = require('../helpers/logger') | |
4 | var logger = require('../helpers/logger') | 4 | var peertubeCrypto = require('../helpers/peertubeCrypto') |
5 | var peertubeCrypto = require('../helpers/peertubeCrypto') | 5 | var Pods = require('../models/pods') |
6 | var Pods = require('../models/pods') | 6 | |
7 | 7 | var secureMiddleware = { | |
8 | var secureMiddleware = { | 8 | decryptBody: decryptBody |
9 | decryptBody: decryptBody | 9 | } |
10 | } | 10 | |
11 | 11 | function decryptBody (req, res, next) { | |
12 | function decryptBody (req, res, next) { | 12 | var url = req.body.signature.url |
13 | var url = req.body.signature.url | 13 | Pods.findByUrl(url, function (err, pod) { |
14 | Pods.findByUrl(url, function (err, pod) { | 14 | if (err) { |
15 | if (err) { | 15 | logger.error('Cannot get signed url in decryptBody.', { error: err }) |
16 | logger.error('Cannot get signed url in decryptBody.', { error: err }) | 16 | return res.sendStatus(500) |
17 | return res.sendStatus(500) | 17 | } |
18 | } | 18 | |
19 | 19 | if (pod === null) { | |
20 | if (pod === null) { | 20 | logger.error('Unknown pod %s.', url) |
21 | logger.error('Unknown pod %s.', url) | 21 | return res.sendStatus(403) |
22 | return res.sendStatus(403) | 22 | } |
23 | } | 23 | |
24 | 24 | logger.debug('Decrypting body from %s.', url) | |
25 | logger.debug('Decrypting body from %s.', url) | 25 | |
26 | 26 | var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature) | |
27 | var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature) | 27 | |
28 | 28 | if (signature_ok === true) { | |
29 | if (signature_ok === true) { | 29 | peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) { |
30 | peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) { | 30 | if (err) { |
31 | if (err) { | 31 | logger.error('Cannot decrypt data.', { error: err }) |
32 | logger.error('Cannot decrypt data.', { error: err }) | 32 | return res.sendStatus(500) |
33 | return res.sendStatus(500) | 33 | } |
34 | } | 34 | |
35 | 35 | req.body.data = JSON.parse(decrypted) | |
36 | req.body.data = JSON.parse(decrypted) | 36 | delete req.body.key |
37 | delete req.body.key | 37 | |
38 | 38 | next() | |
39 | next() | 39 | }) |
40 | }) | 40 | } else { |
41 | } else { | 41 | logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) |
42 | logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) | 42 | return res.sendStatus(403) |
43 | return res.sendStatus(403) | 43 | } |
44 | } | 44 | }) |
45 | }) | 45 | } |
46 | } | 46 | |
47 | 47 | // --------------------------------------------------------------------------- | |
48 | // --------------------------------------------------------------------------- | 48 | |
49 | 49 | module.exports = secureMiddleware | |
50 | module.exports = secureMiddleware | ||
51 | })() | ||
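Review bot: In `decryptBody`, `JSON.parse(decrypted)` runs inside the `peertubeCrypto.decrypt` callback with no `try`/`catch`, so a payload that decrypts to something other than valid JSON throws from an asynchronous callback, where Express's error handling does not catch it and the process will typically terminate. Wrap the parse, e.g. `try { req.body.data = JSON.parse(decrypted) } catch (e) { return res.sendStatus(400) }`, and log the failure before returning. Also worth confirming: the only request value passed to `checkSignature` is `url`, so as far as this hunk shows the signature does not cover `key` or `data`. Unless `peertubeCrypto` binds the payload elsewhere, the check authenticates the claimed URL but not the body that accompanies it.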