diff options
Diffstat (limited to 'server.ts')
| -rw-r--r-- | server.ts | 16 |
1 files changed, 13 insertions, 3 deletions
| @@ -16,6 +16,7 @@ import * as cookieParser from 'cookie-parser' | |||
| 16 | import * as helmet from 'helmet' | 16 | import * as helmet from 'helmet' |
| 17 | import * as useragent from 'useragent' | 17 | import * as useragent from 'useragent' |
| 18 | import * as anonymize from 'ip-anonymize' | 18 | import * as anonymize from 'ip-anonymize' |
| 19 | import * as cli from 'commander' | ||
| 19 | 20 | ||
| 20 | process.title = 'peertube' | 21 | process.title = 'peertube' |
| 21 | 22 | ||
| @@ -27,7 +28,7 @@ import { checkMissedConfig, checkFFmpeg } from './server/initializers/checker-be | |||
| 27 | 28 | ||
| 28 | // Do not use barrels because we don't want to load all modules here (we need to initialize database first) | 29 | // Do not use barrels because we don't want to load all modules here (we need to initialize database first) |
| 29 | import { logger } from './server/helpers/logger' | 30 | import { logger } from './server/helpers/logger' |
| 30 | import { API_VERSION, CONFIG, CACHE } from './server/initializers/constants' | 31 | import { API_VERSION, CONFIG, CACHE, HTTP_SIGNATURE } from './server/initializers/constants' |
| 31 | 32 | ||
| 32 | const missed = checkMissedConfig() | 33 | const missed = checkMissedConfig() |
| 33 | if (missed.length !== 0) { | 34 | if (missed.length !== 0) { |
| @@ -95,9 +96,14 @@ import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs- | |||
| 95 | import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler' | 96 | import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler' |
| 96 | import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler' | 97 | import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler' |
| 97 | import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler' | 98 | import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler' |
| 99 | import { isHTTPSignatureDigestValid } from './server/helpers/peertube-crypto' | ||
| 98 | 100 | ||
| 99 | // ----------- Command line ----------- | 101 | // ----------- Command line ----------- |
| 100 | 102 | ||
| 103 | cli | ||
| 104 | .option('--no-client', 'Start PeerTube without client interface') | ||
| 105 | .parse(process.argv) | ||
| 106 | |||
| 101 | // ----------- App ----------- | 107 | // ----------- App ----------- |
| 102 | 108 | ||
| 103 | // Enable CORS for develop | 109 | // Enable CORS for develop |
| @@ -126,7 +132,11 @@ app.use(morgan('combined', { | |||
| 126 | app.use(bodyParser.urlencoded({ extended: false })) | 132 | app.use(bodyParser.urlencoded({ extended: false })) |
| 127 | app.use(bodyParser.json({ | 133 | app.use(bodyParser.json({ |
| 128 | type: [ 'application/json', 'application/*+json' ], | 134 | type: [ 'application/json', 'application/*+json' ], |
| 129 | limit: '500kb' | 135 | limit: '500kb', |
| 136 | verify: (req: express.Request, _, buf: Buffer, encoding: string) => { | ||
| 137 | const valid = isHTTPSignatureDigestValid(buf, req) | ||
| 138 | if (valid !== true) throw new Error('Invalid digest') | ||
| 139 | } | ||
| 130 | })) | 140 | })) |
| 131 | // Cookies | 141 | // Cookies |
| 132 | app.use(cookieParser()) | 142 | app.use(cookieParser()) |
| @@ -151,7 +161,7 @@ app.use('/', trackerRouter) | |||
| 151 | app.use('/', staticRouter) | 161 | app.use('/', staticRouter) |
| 152 | 162 | ||
| 153 | // Client files, last valid routes! | 163 | // Client files, last valid routes! |
| 154 | app.use('/', clientsRouter) | 164 | if (cli.client) app.use('/', clientsRouter) |
| 155 | 165 | ||
| 156 | // ----------- Errors ----------- | 166 | // ----------- Errors ----------- |
| 157 | 167 | ||