diff options
Diffstat (limited to 'server/middlewares/secure.js')
-rw-r--r-- | server/middlewares/secure.js | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js deleted file mode 100644 index 7c5c72508..000000000 --- a/server/middlewares/secure.js +++ /dev/null | |||
@@ -1,52 +0,0 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const db = require('../initializers/database') | ||
4 | const logger = require('../helpers/logger') | ||
5 | const peertubeCrypto = require('../helpers/peertube-crypto') | ||
6 | |||
7 | const secureMiddleware = { | ||
8 | checkSignature | ||
9 | } | ||
10 | |||
11 | function checkSignature (req, res, next) { | ||
12 | const host = req.body.signature.host | ||
13 | db.Pod.loadByHost(host, function (err, pod) { | ||
14 | if (err) { | ||
15 | logger.error('Cannot get signed host in body.', { error: err }) | ||
16 | return res.sendStatus(500) | ||
17 | } | ||
18 | |||
19 | if (pod === null) { | ||
20 | logger.error('Unknown pod %s.', host) | ||
21 | return res.sendStatus(403) | ||
22 | } | ||
23 | |||
24 | logger.debug('Checking signature from %s.', host) | ||
25 | |||
26 | let signatureShouldBe | ||
27 | // If there is data in the body the sender used it for its signature | ||
28 | // If there is no data we just use its host as signature | ||
29 | if (req.body.data) { | ||
30 | signatureShouldBe = req.body.data | ||
31 | } else { | ||
32 | signatureShouldBe = host | ||
33 | } | ||
34 | |||
35 | const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature) | ||
36 | |||
37 | if (signatureOk === true) { | ||
38 | res.locals.secure = { | ||
39 | pod | ||
40 | } | ||
41 | |||
42 | return next() | ||
43 | } | ||
44 | |||
45 | logger.error('Signature is not okay in body for %s.', req.body.signature.host) | ||
46 | return res.sendStatus(403) | ||
47 | }) | ||
48 | } | ||
49 | |||
50 | // --------------------------------------------------------------------------- | ||
51 | |||
52 | module.exports = secureMiddleware | ||