aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers
diff options
context:
space:
mode:
Diffstat (limited to 'server/helpers')
-rw-r--r--server/helpers/custom-validators/index.js17
-rw-r--r--server/helpers/custom-validators/misc.js18
-rw-r--r--server/helpers/custom-validators/pods.js21
-rw-r--r--server/helpers/custom-validators/users.js31
-rw-r--r--server/helpers/custom-validators/videos.js (renamed from server/helpers/custom-validators.js)105
-rw-r--r--server/helpers/logger.js10
-rw-r--r--server/helpers/peertube-crypto.js60
-rw-r--r--server/helpers/requests.js15
-rw-r--r--server/helpers/utils.js4
9 files changed, 189 insertions, 92 deletions
diff --git a/server/helpers/custom-validators/index.js b/server/helpers/custom-validators/index.js
new file mode 100644
index 000000000..96b5b20b9
--- /dev/null
+++ b/server/helpers/custom-validators/index.js
@@ -0,0 +1,17 @@
1'use strict'
2
3const miscValidators = require('./misc')
4const podsValidators = require('./pods')
5const usersValidators = require('./users')
6const videosValidators = require('./videos')
7
8const validators = {
9 misc: miscValidators,
10 pods: podsValidators,
11 users: usersValidators,
12 videos: videosValidators
13}
14
15// ---------------------------------------------------------------------------
16
17module.exports = validators
diff --git a/server/helpers/custom-validators/misc.js b/server/helpers/custom-validators/misc.js
new file mode 100644
index 000000000..052726241
--- /dev/null
+++ b/server/helpers/custom-validators/misc.js
@@ -0,0 +1,18 @@
1'use strict'
2
3const miscValidators = {
4 exists,
5 isArray
6}
7
8function exists (value) {
9 return value !== undefined && value !== null
10}
11
12function isArray (value) {
13 return Array.isArray(value)
14}
15
16// ---------------------------------------------------------------------------
17
18module.exports = miscValidators
diff --git a/server/helpers/custom-validators/pods.js b/server/helpers/custom-validators/pods.js
new file mode 100644
index 000000000..40f8b5d0b
--- /dev/null
+++ b/server/helpers/custom-validators/pods.js
@@ -0,0 +1,21 @@
1'use strict'
2
3const validator = require('express-validator').validator
4
5const miscValidators = require('./misc')
6
7const podsValidators = {
8 isEachUniqueUrlValid
9}
10
11function isEachUniqueUrlValid (urls) {
12 return miscValidators.isArray(urls) &&
13 urls.length !== 0 &&
14 urls.every(function (url) {
15 return validator.isURL(url) && urls.indexOf(url) === urls.lastIndexOf(url)
16 })
17}
18
19// ---------------------------------------------------------------------------
20
21module.exports = podsValidators
diff --git a/server/helpers/custom-validators/users.js b/server/helpers/custom-validators/users.js
new file mode 100644
index 000000000..88fa1592e
--- /dev/null
+++ b/server/helpers/custom-validators/users.js
@@ -0,0 +1,31 @@
1'use strict'
2
3const validator = require('express-validator').validator
4const values = require('lodash/values')
5
6const constants = require('../../initializers/constants')
7const USERS_CONSTRAINTS_FIELDS = constants.CONSTRAINTS_FIELDS.USERS
8
9const usersValidators = {
10 isUserPasswordValid,
11 isUserRoleValid,
12 isUserUsernameValid
13}
14
15function isUserPasswordValid (value) {
16 return validator.isLength(value, USERS_CONSTRAINTS_FIELDS.PASSWORD)
17}
18
19function isUserRoleValid (value) {
20 return values(constants.USER_ROLES).indexOf(value) !== -1
21}
22
23function isUserUsernameValid (value) {
24 const max = USERS_CONSTRAINTS_FIELDS.USERNAME.max
25 const min = USERS_CONSTRAINTS_FIELDS.USERNAME.min
26 return validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`))
27}
28
29// ---------------------------------------------------------------------------
30
31module.exports = usersValidators
diff --git a/server/helpers/custom-validators.js b/server/helpers/custom-validators/videos.js
index b666644c0..a507ff686 100644
--- a/server/helpers/custom-validators.js
+++ b/server/helpers/custom-validators/videos.js
@@ -2,66 +2,51 @@
2 2
3const validator = require('express-validator').validator 3const validator = require('express-validator').validator
4 4
5const constants = require('../initializers/constants') 5const constants = require('../../initializers/constants')
6const VIDEOS_CONSTRAINTS_FIELDS = constants.VIDEOS_CONSTRAINTS_FIELDS 6const usersValidators = require('./users')
7 7const miscValidators = require('./misc')
8const customValidators = { 8const VIDEOS_CONSTRAINTS_FIELDS = constants.CONSTRAINTS_FIELDS.VIDEOS
9 exists: exists, 9
10 isEachRemoteVideosValid: isEachRemoteVideosValid, 10const videosValidators = {
11 isArray: isArray, 11 isEachRemoteVideosValid,
12 isVideoAuthorValid: isVideoAuthorValid, 12 isVideoAuthorValid,
13 isVideoDateValid: isVideoDateValid, 13 isVideoDateValid,
14 isVideoDescriptionValid: isVideoDescriptionValid, 14 isVideoDescriptionValid,
15 isVideoDurationValid: isVideoDurationValid, 15 isVideoDurationValid,
16 isVideoMagnetUriValid: isVideoMagnetUriValid, 16 isVideoMagnetUriValid,
17 isVideoNameValid: isVideoNameValid, 17 isVideoNameValid,
18 isVideoPodUrlValid: isVideoPodUrlValid, 18 isVideoPodUrlValid,
19 isVideoTagsValid: isVideoTagsValid, 19 isVideoTagsValid,
20 isVideoThumbnailValid: isVideoThumbnailValid, 20 isVideoThumbnailValid,
21 isVideoThumbnail64Valid: isVideoThumbnail64Valid 21 isVideoThumbnail64Valid
22}
23
24function exists (value) {
25 return value !== undefined && value !== null
26} 22}
27 23
28function isEachRemoteVideosValid (requests) { 24function isEachRemoteVideosValid (requests) {
29 return requests.every(function (request) { 25 return miscValidators.isArray(requests) &&
30 const video = request.data 26 requests.every(function (request) {
31 return ( 27 const video = request.data
32 isRequestTypeAddValid(request.type) && 28 return (
33 isVideoAuthorValid(video.author) && 29 isRequestTypeAddValid(request.type) &&
34 isVideoDateValid(video.createdDate) && 30 isVideoAuthorValid(video.author) &&
35 isVideoDescriptionValid(video.description) && 31 isVideoDateValid(video.createdDate) &&
36 isVideoDurationValid(video.duration) && 32 isVideoDescriptionValid(video.description) &&
37 isVideoMagnetUriValid(video.magnetUri) && 33 isVideoDurationValid(video.duration) &&
38 isVideoNameValid(video.name) && 34 isVideoMagnetUriValid(video.magnetUri) &&
39 isVideoPodUrlValid(video.podUrl) && 35 isVideoNameValid(video.name) &&
40 isVideoTagsValid(video.tags) && 36 isVideoPodUrlValid(video.podUrl) &&
41 isVideoThumbnail64Valid(video.thumbnailBase64) 37 isVideoTagsValid(video.tags) &&
42 ) || 38 isVideoThumbnail64Valid(video.thumbnailBase64)
43 ( 39 ) ||
44 isRequestTypeRemoveValid(request.type) && 40 (
45 isVideoNameValid(video.name) && 41 isRequestTypeRemoveValid(request.type) &&
46 isVideoMagnetUriValid(video.magnetUri) 42 isVideoNameValid(video.name) &&
47 ) 43 isVideoMagnetUriValid(video.magnetUri)
48 }) 44 )
49} 45 })
50
51function isArray (value) {
52 return Array.isArray(value)
53}
54
55function isRequestTypeAddValid (value) {
56 return value === 'add'
57}
58
59function isRequestTypeRemoveValid (value) {
60 return value === 'remove'
61} 46}
62 47
63function isVideoAuthorValid (value) { 48function isVideoAuthorValid (value) {
64 return validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.AUTHOR) 49 return usersValidators.isUserUsernameValid(value)
65} 50}
66 51
67function isVideoDateValid (value) { 52function isVideoDateValid (value) {
@@ -90,7 +75,7 @@ function isVideoPodUrlValid (value) {
90} 75}
91 76
92function isVideoTagsValid (tags) { 77function isVideoTagsValid (tags) {
93 return isArray(tags) && 78 return miscValidators.isArray(tags) &&
94 validator.isInt(tags.length, VIDEOS_CONSTRAINTS_FIELDS.TAGS) && 79 validator.isInt(tags.length, VIDEOS_CONSTRAINTS_FIELDS.TAGS) &&
95 tags.every(function (tag) { 80 tags.every(function (tag) {
96 return validator.isAlphanumeric(tag) && 81 return validator.isAlphanumeric(tag) &&
@@ -109,6 +94,14 @@ function isVideoThumbnail64Valid (value) {
109 94
110// --------------------------------------------------------------------------- 95// ---------------------------------------------------------------------------
111 96
112module.exports = customValidators 97module.exports = videosValidators
113 98
114// --------------------------------------------------------------------------- 99// ---------------------------------------------------------------------------
100
101function isRequestTypeAddValid (value) {
102 return value === 'add'
103}
104
105function isRequestTypeRemoveValid (value) {
106 return value === 'remove'
107}
diff --git a/server/helpers/logger.js b/server/helpers/logger.js
index 8ae90a4b2..590ceaeb6 100644
--- a/server/helpers/logger.js
+++ b/server/helpers/logger.js
@@ -1,23 +1,23 @@
1// Thanks http://tostring.it/2014/06/23/advanced-logging-with-nodejs/ 1// Thanks http://tostring.it/2014/06/23/advanced-logging-with-nodejs/
2'use strict' 2'use strict'
3 3
4const config = require('config')
5const mkdirp = require('mkdirp') 4const mkdirp = require('mkdirp')
6const path = require('path') 5const path = require('path')
7const winston = require('winston') 6const winston = require('winston')
8winston.emitErrs = true 7winston.emitErrs = true
9 8
10const logDir = path.join(__dirname, '..', '..', config.get('storage.logs')) 9const constants = require('../initializers/constants')
11const label = config.get('webserver.host') + ':' + config.get('webserver.port') 10
11const label = constants.CONFIG.WEBSERVER.HOST + ':' + constants.CONFIG.WEBSERVER.PORT
12 12
13// Create the directory if it does not exist 13// Create the directory if it does not exist
14mkdirp.sync(logDir) 14mkdirp.sync(constants.CONFIG.STORAGE.LOG_DIR)
15 15
16const logger = new winston.Logger({ 16const logger = new winston.Logger({
17 transports: [ 17 transports: [
18 new winston.transports.File({ 18 new winston.transports.File({
19 level: 'debug', 19 level: 'debug',
20 filename: path.join(logDir, 'all-logs.log'), 20 filename: path.join(constants.CONFIG.STORAGE.LOG_DIR, 'all-logs.log'),
21 handleExceptions: true, 21 handleExceptions: true,
22 json: true, 22 json: true,
23 maxsize: 5242880, 23 maxsize: 5242880,
diff --git a/server/helpers/peertube-crypto.js b/server/helpers/peertube-crypto.js
index 46dff8d03..1ff638b04 100644
--- a/server/helpers/peertube-crypto.js
+++ b/server/helpers/peertube-crypto.js
@@ -1,24 +1,24 @@
1'use strict' 1'use strict'
2 2
3const config = require('config') 3const bcrypt = require('bcrypt')
4const crypto = require('crypto') 4const crypto = require('crypto')
5const fs = require('fs') 5const fs = require('fs')
6const openssl = require('openssl-wrapper') 6const openssl = require('openssl-wrapper')
7const path = require('path')
8const ursa = require('ursa') 7const ursa = require('ursa')
9 8
9const constants = require('../initializers/constants')
10const logger = require('./logger') 10const logger = require('./logger')
11 11
12const certDir = path.join(__dirname, '..', '..', config.get('storage.certs'))
13const algorithm = 'aes-256-ctr' 12const algorithm = 'aes-256-ctr'
14 13
15const peertubeCrypto = { 14const peertubeCrypto = {
16 checkSignature: checkSignature, 15 checkSignature,
17 createCertsIfNotExist: createCertsIfNotExist, 16 comparePassword,
18 decrypt: decrypt, 17 createCertsIfNotExist,
19 encrypt: encrypt, 18 cryptPassword,
20 getCertDir: getCertDir, 19 decrypt,
21 sign: sign 20 encrypt,
21 sign
22} 22}
23 23
24function checkSignature (publicKey, rawData, hexSignature) { 24function checkSignature (publicKey, rawData, hexSignature) {
@@ -27,6 +27,14 @@ function checkSignature (publicKey, rawData, hexSignature) {
27 return isValid 27 return isValid
28} 28}
29 29
30function comparePassword (plainPassword, hashPassword, callback) {
31 bcrypt.compare(plainPassword, hashPassword, function (err, isPasswordMatch) {
32 if (err) return callback(err)
33
34 return callback(null, isPasswordMatch)
35 })
36}
37
30function createCertsIfNotExist (callback) { 38function createCertsIfNotExist (callback) {
31 certsExist(function (exist) { 39 certsExist(function (exist) {
32 if (exist === true) { 40 if (exist === true) {
@@ -39,8 +47,18 @@ function createCertsIfNotExist (callback) {
39 }) 47 })
40} 48}
41 49
50function cryptPassword (password, callback) {
51 bcrypt.genSalt(constants.BCRYPT_SALT_SIZE, function (err, salt) {
52 if (err) return callback(err)
53
54 bcrypt.hash(password, salt, function (err, hash) {
55 return callback(err, hash)
56 })
57 })
58}
59
42function decrypt (key, data, callback) { 60function decrypt (key, data, callback) {
43 fs.readFile(getCertDir() + 'peertube.key.pem', function (err, file) { 61 fs.readFile(constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem', function (err, file) {
44 if (err) return callback(err) 62 if (err) return callback(err)
45 63
46 const myPrivateKey = ursa.createPrivateKey(file) 64 const myPrivateKey = ursa.createPrivateKey(file)
@@ -67,12 +85,8 @@ function encrypt (publicKey, data, callback) {
67 }) 85 })
68} 86}
69 87
70function getCertDir () {
71 return certDir
72}
73
74function sign (data) { 88function sign (data) {
75 const myKey = ursa.createPrivateKey(fs.readFileSync(certDir + 'peertube.key.pem')) 89 const myKey = ursa.createPrivateKey(fs.readFileSync(constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem'))
76 const signature = myKey.hashAndSign('sha256', data, 'utf8', 'hex') 90 const signature = myKey.hashAndSign('sha256', data, 'utf8', 'hex')
77 91
78 return signature 92 return signature
@@ -85,7 +99,7 @@ module.exports = peertubeCrypto
85// --------------------------------------------------------------------------- 99// ---------------------------------------------------------------------------
86 100
87function certsExist (callback) { 101function certsExist (callback) {
88 fs.exists(certDir + 'peertube.key.pem', function (exists) { 102 fs.exists(constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem', function (exists) {
89 return callback(exists) 103 return callback(exists)
90 }) 104 })
91} 105}
@@ -99,15 +113,25 @@ function createCerts (callback) {
99 } 113 }
100 114
101 logger.info('Generating a RSA key...') 115 logger.info('Generating a RSA key...')
102 openssl.exec('genrsa', { 'out': certDir + 'peertube.key.pem', '2048': false }, function (err) { 116
117 let options = {
118 'out': constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem',
119 '2048': false
120 }
121 openssl.exec('genrsa', options, function (err) {
103 if (err) { 122 if (err) {
104 logger.error('Cannot create private key on this pod.') 123 logger.error('Cannot create private key on this pod.')
105 return callback(err) 124 return callback(err)
106 } 125 }
107 logger.info('RSA key generated.') 126 logger.info('RSA key generated.')
108 127
128 options = {
129 'in': constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem',
130 'pubout': true,
131 'out': constants.CONFIG.STORAGE.CERT_DIR + 'peertube.pub'
132 }
109 logger.info('Manage public key...') 133 logger.info('Manage public key...')
110 openssl.exec('rsa', { 'in': certDir + 'peertube.key.pem', 'pubout': true, 'out': certDir + 'peertube.pub' }, function (err) { 134 openssl.exec('rsa', options, function (err) {
111 if (err) { 135 if (err) {
112 logger.error('Cannot create public key on this pod.') 136 logger.error('Cannot create public key on this pod.')
113 return callback(err) 137 return callback(err)
diff --git a/server/helpers/requests.js b/server/helpers/requests.js
index 547230adc..95775c981 100644
--- a/server/helpers/requests.js
+++ b/server/helpers/requests.js
@@ -1,19 +1,14 @@
1'use strict' 1'use strict'
2 2
3const config = require('config')
4const replay = require('request-replay') 3const replay = require('request-replay')
5const request = require('request') 4const request = require('request')
6 5
7const constants = require('../initializers/constants') 6const constants = require('../initializers/constants')
8const peertubeCrypto = require('./peertube-crypto') 7const peertubeCrypto = require('./peertube-crypto')
9 8
10const http = config.get('webserver.https') ? 'https' : 'http'
11const host = config.get('webserver.host')
12const port = config.get('webserver.port')
13
14const requests = { 9const requests = {
15 makeRetryRequest: makeRetryRequest, 10 makeRetryRequest,
16 makeSecureRequest: makeSecureRequest 11 makeSecureRequest
17} 12}
18 13
19function makeRetryRequest (params, callback) { 14function makeRetryRequest (params, callback) {
@@ -29,8 +24,6 @@ function makeRetryRequest (params, callback) {
29} 24}
30 25
31function makeSecureRequest (params, callback) { 26function makeSecureRequest (params, callback) {
32 const myUrl = http + '://' + host + ':' + port
33
34 const requestParams = { 27 const requestParams = {
35 url: params.toPod.url + params.path 28 url: params.toPod.url + params.path
36 } 29 }
@@ -42,8 +35,8 @@ function makeSecureRequest (params, callback) {
42 // Add signature if it is specified in the params 35 // Add signature if it is specified in the params
43 if (params.sign === true) { 36 if (params.sign === true) {
44 requestParams.json.signature = { 37 requestParams.json.signature = {
45 url: myUrl, 38 url: constants.CONFIG.WEBSERVER.URL,
46 signature: peertubeCrypto.sign(myUrl) 39 signature: peertubeCrypto.sign(constants.CONFIG.WEBSERVER.URL)
47 } 40 }
48 } 41 }
49 42
diff --git a/server/helpers/utils.js b/server/helpers/utils.js
index a77116e08..9c2d402e3 100644
--- a/server/helpers/utils.js
+++ b/server/helpers/utils.js
@@ -5,8 +5,8 @@ const crypto = require('crypto')
5const logger = require('./logger') 5const logger = require('./logger')
6 6
7const utils = { 7const utils = {
8 cleanForExit: cleanForExit, 8 cleanForExit,
9 generateRandomString: generateRandomString 9 generateRandomString
10} 10}
11 11
12function generateRandomString (size, callback) { 12function generateRandomString (size, callback) {