aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/secure.ts59
1 files changed, 29 insertions, 30 deletions
diff --git a/server/middlewares/secure.ts b/server/middlewares/secure.ts
index f7424c9c3..5dd809f15 100644
--- a/server/middlewares/secure.ts
+++ b/server/middlewares/secure.ts
@@ -8,45 +8,44 @@ import {
8} from '../helpers' 8} from '../helpers'
9import { PodSignature } from '../../shared' 9import { PodSignature } from '../../shared'
10 10
11function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) { 11async function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) {
12 const signatureObject: PodSignature = req.body.signature 12 const signatureObject: PodSignature = req.body.signature
13 const host = signatureObject.host 13 const host = signatureObject.host
14 14
15 db.Pod.loadByHost(host) 15 try {
16 .then(pod => { 16 const pod = await db.Pod.loadByHost(host)
17 if (pod === null) { 17 if (pod === null) {
18 logger.error('Unknown pod %s.', host) 18 logger.error('Unknown pod %s.', host)
19 return res.sendStatus(403) 19 return res.sendStatus(403)
20 } 20 }
21
22 logger.debug('Checking signature from %s.', host)
23 21
24 let signatureShouldBe 22 logger.debug('Checking signature from %s.', host)
25 // If there is data in the body the sender used it for its signature
26 // If there is no data we just use its host as signature
27 if (req.body.data) {
28 signatureShouldBe = req.body.data
29 } else {
30 signatureShouldBe = host
31 }
32 23
33 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, signatureObject.signature) 24 let signatureShouldBe
25 // If there is data in the body the sender used it for its signature
26 // If there is no data we just use its host as signature
27 if (req.body.data) {
28 signatureShouldBe = req.body.data
29 } else {
30 signatureShouldBe = host
31 }
34 32
35 if (signatureOk === true) { 33 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, signatureObject.signature)
36 res.locals.secure = {
37 pod
38 }
39 34
40 return next() 35 if (signatureOk === true) {
36 res.locals.secure = {
37 pod
41 } 38 }
42 39
43 logger.error('Signature is not okay in body for %s.', signatureObject.host) 40 return next()
44 return res.sendStatus(403) 41 }
45 }) 42
46 .catch(err => { 43 logger.error('Signature is not okay in body for %s.', signatureObject.host)
47 logger.error('Cannot get signed host in body.', { error: err.stack, signature: signatureObject.signature }) 44 return res.sendStatus(403)
48 return res.sendStatus(500) 45 } catch (err) {
49 }) 46 logger.error('Cannot get signed host in body.', { error: err.stack, signature: signatureObject.signature })
47 return res.sendStatus(500)
48 }
50} 49}
51 50
52// --------------------------------------------------------------------------- 51// ---------------------------------------------------------------------------