diff options
Diffstat (limited to 'middlewares')
-rw-r--r-- | middlewares/index.js | 10 | ||||
-rw-r--r-- | middlewares/misc.js | 19 | ||||
-rw-r--r-- | middlewares/reqValidators/index.js | 6 | ||||
-rw-r--r-- | middlewares/reqValidators/pods.js | 10 | ||||
-rw-r--r-- | middlewares/reqValidators/remote.js | 34 | ||||
-rw-r--r-- | middlewares/reqValidators/utils.js | 11 | ||||
-rw-r--r-- | middlewares/reqValidators/videos.js | 51 |
7 files changed, 87 insertions, 54 deletions
diff --git a/middlewares/index.js b/middlewares/index.js index e727202ba..311dfb6d2 100644 --- a/middlewares/index.js +++ b/middlewares/index.js | |||
@@ -1,10 +1,12 @@ | |||
1 | ;(function () { | 1 | ;(function () { |
2 | 'use strict' | 2 | 'use strict' |
3 | 3 | ||
4 | var middleware = { | 4 | var middlewares = { |
5 | reqValidators: require('./reqValidators'), | 5 | misc: require('./misc'), |
6 | misc: require('./misc') | 6 | reqValidators: require('./reqValidators') |
7 | } | 7 | } |
8 | 8 | ||
9 | module.exports = middleware | 9 | // --------------------------------------------------------------------------- |
10 | |||
11 | module.exports = middlewares | ||
10 | })() | 12 | })() |
diff --git a/middlewares/misc.js b/middlewares/misc.js index f814acd9f..dbb604db3 100644 --- a/middlewares/misc.js +++ b/middlewares/misc.js | |||
@@ -1,16 +1,19 @@ | |||
1 | ;(function () { | 1 | ;(function () { |
2 | 'use strict' | 2 | 'use strict' |
3 | 3 | ||
4 | var ursa = require('ursa') | ||
5 | var fs = require('fs') | 4 | var fs = require('fs') |
5 | var ursa = require('ursa') | ||
6 | 6 | ||
7 | var logger = require('../helpers/logger') | 7 | var logger = require('../helpers/logger') |
8 | var utils = require('../helpers/utils') | ||
9 | var PodsDB = require('../initializers/database').PodsDB | 8 | var PodsDB = require('../initializers/database').PodsDB |
9 | var utils = require('../helpers/utils') | ||
10 | 10 | ||
11 | var misc = {} | 11 | var miscMiddleware = { |
12 | cache: cache, | ||
13 | decryptBody: decryptBody | ||
14 | } | ||
12 | 15 | ||
13 | misc.cache = function (cache) { | 16 | function cache (cache) { |
14 | return function (req, res, next) { | 17 | return function (req, res, next) { |
15 | // If we want explicitly a cache | 18 | // If we want explicitly a cache |
16 | // Or if we don't specify if we want a cache or no and we are in production | 19 | // Or if we don't specify if we want a cache or no and we are in production |
@@ -24,7 +27,7 @@ | |||
24 | } | 27 | } |
25 | } | 28 | } |
26 | 29 | ||
27 | misc.decryptBody = function (req, res, next) { | 30 | function decryptBody (req, res, next) { |
28 | PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) { | 31 | PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) { |
29 | if (err) { | 32 | if (err) { |
30 | logger.error('Cannot get signed url in decryptBody.', { error: err }) | 33 | logger.error('Cannot get signed url in decryptBody.', { error: err }) |
@@ -42,7 +45,7 @@ | |||
42 | var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') | 45 | var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') |
43 | 46 | ||
44 | if (signature_ok === true) { | 47 | if (signature_ok === true) { |
45 | var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem')) | 48 | var myKey = ursa.createPrivateKey(fs.readFileSync(utils.getCertDir() + 'peertube.key.pem')) |
46 | var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') | 49 | var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') |
47 | req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) | 50 | req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) |
48 | delete req.body.key | 51 | delete req.body.key |
@@ -55,5 +58,7 @@ | |||
55 | }) | 58 | }) |
56 | } | 59 | } |
57 | 60 | ||
58 | module.exports = misc | 61 | // --------------------------------------------------------------------------- |
62 | |||
63 | module.exports = miscMiddleware | ||
59 | })() | 64 | })() |
diff --git a/middlewares/reqValidators/index.js b/middlewares/reqValidators/index.js index 1ea611031..34d34013c 100644 --- a/middlewares/reqValidators/index.js +++ b/middlewares/reqValidators/index.js | |||
@@ -1,11 +1,13 @@ | |||
1 | ;(function () { | 1 | ;(function () { |
2 | 'use strict' | 2 | 'use strict' |
3 | 3 | ||
4 | var reqValidator = { | 4 | var reqValidators = { |
5 | videos: require('./videos'), | 5 | videos: require('./videos'), |
6 | pods: require('./pods'), | 6 | pods: require('./pods'), |
7 | remote: require('./remote') | 7 | remote: require('./remote') |
8 | } | 8 | } |
9 | 9 | ||
10 | module.exports = reqValidator | 10 | // --------------------------------------------------------------------------- |
11 | |||
12 | module.exports = reqValidators | ||
11 | })() | 13 | })() |
diff --git a/middlewares/reqValidators/pods.js b/middlewares/reqValidators/pods.js index 0d023842d..6ccfd7361 100644 --- a/middlewares/reqValidators/pods.js +++ b/middlewares/reqValidators/pods.js | |||
@@ -4,9 +4,11 @@ | |||
4 | var checkErrors = require('./utils').checkErrors | 4 | var checkErrors = require('./utils').checkErrors |
5 | var logger = require('../../helpers/logger') | 5 | var logger = require('../../helpers/logger') |
6 | 6 | ||
7 | var pods = {} | 7 | var reqValidatorsPod = { |
8 | podsAdd: podsAdd | ||
9 | } | ||
8 | 10 | ||
9 | pods.podsAdd = function (req, res, next) { | 11 | function podsAdd (req, res, next) { |
10 | req.checkBody('data.url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) | 12 | req.checkBody('data.url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) |
11 | req.checkBody('data.publicKey', 'Should have a public key').notEmpty() | 13 | req.checkBody('data.publicKey', 'Should have a public key').notEmpty() |
12 | 14 | ||
@@ -15,5 +17,7 @@ | |||
15 | checkErrors(req, res, next) | 17 | checkErrors(req, res, next) |
16 | } | 18 | } |
17 | 19 | ||
18 | module.exports = pods | 20 | // --------------------------------------------------------------------------- |
21 | |||
22 | module.exports = reqValidatorsPod | ||
19 | })() | 23 | })() |
diff --git a/middlewares/reqValidators/remote.js b/middlewares/reqValidators/remote.js index 4b161e292..9b61481ad 100644 --- a/middlewares/reqValidators/remote.js +++ b/middlewares/reqValidators/remote.js | |||
@@ -4,20 +4,13 @@ | |||
4 | var checkErrors = require('./utils').checkErrors | 4 | var checkErrors = require('./utils').checkErrors |
5 | var logger = require('../../helpers/logger') | 5 | var logger = require('../../helpers/logger') |
6 | 6 | ||
7 | var remote = {} | 7 | var reqValidatorsRemote = { |
8 | 8 | remoteVideosAdd: remoteVideosAdd, | |
9 | remote.secureRequest = function (req, res, next) { | 9 | remoteVideosRemove: remoteVideosRemove, |
10 | req.checkBody('signature.url', 'Should have a signature url').isURL() | 10 | secureRequest: secureRequest |
11 | req.checkBody('signature.signature', 'Should have a signature').notEmpty() | ||
12 | req.checkBody('key', 'Should have a key').notEmpty() | ||
13 | req.checkBody('data', 'Should have data').notEmpty() | ||
14 | |||
15 | logger.debug('Checking secureRequest parameters', { parameters: { data: req.body.data, keyLength: req.body.key.length } }) | ||
16 | |||
17 | checkErrors(req, res, next) | ||
18 | } | 11 | } |
19 | 12 | ||
20 | remote.remoteVideosAdd = function (req, res, next) { | 13 | function remoteVideosAdd (req, res, next) { |
21 | req.checkBody('data').isArray() | 14 | req.checkBody('data').isArray() |
22 | req.checkBody('data').eachIsRemoteVideosAddValid() | 15 | req.checkBody('data').eachIsRemoteVideosAddValid() |
23 | 16 | ||
@@ -26,7 +19,7 @@ | |||
26 | checkErrors(req, res, next) | 19 | checkErrors(req, res, next) |
27 | } | 20 | } |
28 | 21 | ||
29 | remote.remoteVideosRemove = function (req, res, next) { | 22 | function remoteVideosRemove (req, res, next) { |
30 | req.checkBody('data').isArray() | 23 | req.checkBody('data').isArray() |
31 | req.checkBody('data').eachIsRemoteVideosRemoveValid() | 24 | req.checkBody('data').eachIsRemoteVideosRemoveValid() |
32 | 25 | ||
@@ -35,5 +28,18 @@ | |||
35 | checkErrors(req, res, next) | 28 | checkErrors(req, res, next) |
36 | } | 29 | } |
37 | 30 | ||
38 | module.exports = remote | 31 | function secureRequest (req, res, next) { |
32 | req.checkBody('signature.url', 'Should have a signature url').isURL() | ||
33 | req.checkBody('signature.signature', 'Should have a signature').notEmpty() | ||
34 | req.checkBody('key', 'Should have a key').notEmpty() | ||
35 | req.checkBody('data', 'Should have data').notEmpty() | ||
36 | |||
37 | logger.debug('Checking secureRequest parameters', { parameters: { data: req.body.data, keyLength: req.body.key.length } }) | ||
38 | |||
39 | checkErrors(req, res, next) | ||
40 | } | ||
41 | |||
42 | // --------------------------------------------------------------------------- | ||
43 | |||
44 | module.exports = reqValidatorsRemote | ||
39 | })() | 45 | })() |
diff --git a/middlewares/reqValidators/utils.js b/middlewares/reqValidators/utils.js index 5bc9f4f0b..c88f6df2e 100644 --- a/middlewares/reqValidators/utils.js +++ b/middlewares/reqValidators/utils.js | |||
@@ -2,11 +2,14 @@ | |||
2 | 'use strict' | 2 | 'use strict' |
3 | 3 | ||
4 | var util = require('util') | 4 | var util = require('util') |
5 | |||
5 | var logger = require('../../helpers/logger') | 6 | var logger = require('../../helpers/logger') |
6 | 7 | ||
7 | var utils = {} | 8 | var reqValidatorsUtils = { |
9 | checkErrors: checkErrors | ||
10 | } | ||
8 | 11 | ||
9 | utils.checkErrors = function (req, res, next, status_code) { | 12 | function checkErrors (req, res, next, status_code) { |
10 | if (status_code === undefined) status_code = 400 | 13 | if (status_code === undefined) status_code = 400 |
11 | var errors = req.validationErrors() | 14 | var errors = req.validationErrors() |
12 | 15 | ||
@@ -18,5 +21,7 @@ | |||
18 | return next() | 21 | return next() |
19 | } | 22 | } |
20 | 23 | ||
21 | module.exports = utils | 24 | // --------------------------------------------------------------------------- |
25 | |||
26 | module.exports = reqValidatorsUtils | ||
22 | })() | 27 | })() |
diff --git a/middlewares/reqValidators/videos.js b/middlewares/reqValidators/videos.js index a34445f7a..3479c47c3 100644 --- a/middlewares/reqValidators/videos.js +++ b/middlewares/reqValidators/videos.js | |||
@@ -2,28 +2,17 @@ | |||
2 | 'use strict' | 2 | 'use strict' |
3 | 3 | ||
4 | var checkErrors = require('./utils').checkErrors | 4 | var checkErrors = require('./utils').checkErrors |
5 | var VideosDB = require('../../initializers/database').VideosDB | ||
6 | var logger = require('../../helpers/logger') | 5 | var logger = require('../../helpers/logger') |
6 | var VideosDB = require('../../initializers/database').VideosDB | ||
7 | 7 | ||
8 | var videos = {} | 8 | var reqValidatorsVideos = { |
9 | 9 | videosAdd: videosAdd, | |
10 | function findVideoById (id, callback) { | 10 | videosGet: videosGet, |
11 | VideosDB.findById(id, { _id: 1, namePath: 1 }).limit(1).exec(function (err, video) { | 11 | videosRemove: videosRemove, |
12 | if (err) throw err | 12 | videosSearch: videosSearch |
13 | |||
14 | callback(video) | ||
15 | }) | ||
16 | } | ||
17 | |||
18 | videos.videosSearch = function (req, res, next) { | ||
19 | req.checkParams('name', 'Should have a name').notEmpty() | ||
20 | |||
21 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) | ||
22 | |||
23 | checkErrors(req, res, next) | ||
24 | } | 13 | } |
25 | 14 | ||
26 | videos.videosAdd = function (req, res, next) { | 15 | function videosAdd (req, res, next) { |
27 | req.checkFiles('input_video[0].originalname', 'Should have an input video').notEmpty() | 16 | req.checkFiles('input_video[0].originalname', 'Should have an input video').notEmpty() |
28 | req.checkFiles('input_video[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) | 17 | req.checkFiles('input_video[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) |
29 | req.checkBody('name', 'Should have a name').isLength(1, 50) | 18 | req.checkBody('name', 'Should have a name').isLength(1, 50) |
@@ -34,7 +23,7 @@ | |||
34 | checkErrors(req, res, next) | 23 | checkErrors(req, res, next) |
35 | } | 24 | } |
36 | 25 | ||
37 | videos.videosGet = function (req, res, next) { | 26 | function videosGet (req, res, next) { |
38 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | 27 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() |
39 | 28 | ||
40 | logger.debug('Checking videosGet parameters', { parameters: req.params }) | 29 | logger.debug('Checking videosGet parameters', { parameters: req.params }) |
@@ -48,7 +37,7 @@ | |||
48 | }) | 37 | }) |
49 | } | 38 | } |
50 | 39 | ||
51 | videos.videosRemove = function (req, res, next) { | 40 | function videosRemove (req, res, next) { |
52 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | 41 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() |
53 | 42 | ||
54 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) | 43 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) |
@@ -63,5 +52,25 @@ | |||
63 | }) | 52 | }) |
64 | } | 53 | } |
65 | 54 | ||
66 | module.exports = videos | 55 | function videosSearch (req, res, next) { |
56 | req.checkParams('name', 'Should have a name').notEmpty() | ||
57 | |||
58 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) | ||
59 | |||
60 | checkErrors(req, res, next) | ||
61 | } | ||
62 | |||
63 | // --------------------------------------------------------------------------- | ||
64 | |||
65 | module.exports = reqValidatorsVideos | ||
66 | |||
67 | // --------------------------------------------------------------------------- | ||
68 | |||
69 | function findVideoById (id, callback) { | ||
70 | VideosDB.findById(id, { _id: 1, namePath: 1 }).limit(1).exec(function (err, video) { | ||
71 | if (err) throw err | ||
72 | |||
73 | callback(video) | ||
74 | }) | ||
75 | } | ||
67 | })() | 76 | })() |