aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/secure.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/secure.ts')
-rw-r--r--server/middlewares/secure.ts56
1 files changed, 28 insertions, 28 deletions
diff --git a/server/middlewares/secure.ts b/server/middlewares/secure.ts
index fbfd08c7b..0fa9ee9d2 100644
--- a/server/middlewares/secure.ts
+++ b/server/middlewares/secure.ts
@@ -9,41 +9,41 @@ import {
9 9
10function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) { 10function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) {
11 const host = req.body.signature.host 11 const host = req.body.signature.host
12 db.Pod.loadByHost(host, function (err, pod) { 12 db.Pod.loadByHost(host)
13 if (err) { 13 .then(pod => {
14 logger.error('Cannot get signed host in body.', { error: err }) 14 if (pod === null) {
15 return res.sendStatus(500) 15 logger.error('Unknown pod %s.', host)
16 } 16 return res.sendStatus(403)
17 }
17 18
18 if (pod === null) { 19 logger.debug('Checking signature from %s.', host)
19 logger.error('Unknown pod %s.', host)
20 return res.sendStatus(403)
21 }
22 20
23 logger.debug('Checking signature from %s.', host) 21 let signatureShouldBe
22 // If there is data in the body the sender used it for its signature
23 // If there is no data we just use its host as signature
24 if (req.body.data) {
25 signatureShouldBe = req.body.data
26 } else {
27 signatureShouldBe = host
28 }
24 29
25 let signatureShouldBe 30 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature)
26 // If there is data in the body the sender used it for its signature
27 // If there is no data we just use its host as signature
28 if (req.body.data) {
29 signatureShouldBe = req.body.data
30 } else {
31 signatureShouldBe = host
32 }
33 31
34 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature) 32 if (signatureOk === true) {
33 res.locals.secure = {
34 pod
35 }
35 36
36 if (signatureOk === true) { 37 return next()
37 res.locals.secure = {
38 pod
39 } 38 }
40 39
41 return next() 40 logger.error('Signature is not okay in body for %s.', req.body.signature.host)
42 } 41 return res.sendStatus(403)
43 42 })
44 logger.error('Signature is not okay in body for %s.', req.body.signature.host) 43 .catch(err => {
45 return res.sendStatus(403) 44 logger.error('Cannot get signed host in body.', { error: err })
46 }) 45 return res.sendStatus(500)
46 })
47} 47}
48 48
49// --------------------------------------------------------------------------- 49// ---------------------------------------------------------------------------