From a5fa04b0cce851f680a45055f57ed2c3d22f1c82 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 4 Feb 2016 21:16:27 +0100 Subject: Split misc middleware --- controllers/api/v1/pods.js | 13 ++++---- controllers/api/v1/remoteVideos.js | 11 ++++--- controllers/api/v1/videos.js | 12 +++---- controllers/views.js | 6 ++-- middlewares/cache.js | 25 +++++++++++++++ middlewares/index.js | 5 +-- middlewares/misc.js | 65 -------------------------------------- middlewares/secure.js | 50 +++++++++++++++++++++++++++++ 8 files changed, 100 insertions(+), 87 deletions(-) create mode 100644 middlewares/cache.js delete mode 100644 middlewares/misc.js create mode 100644 middlewares/secure.js diff --git a/controllers/api/v1/pods.js b/controllers/api/v1/pods.js index 82d8d7f08..3e457ec57 100644 --- a/controllers/api/v1/pods.js +++ b/controllers/api/v1/pods.js @@ -7,21 +7,22 @@ var logger = require('../../../helpers/logger') var friends = require('../../../lib/friends') var middleware = require('../../../middlewares') - var miscMiddleware = middleware.misc + var cacheMiddleware = middleware.cache var Pods = require('../../../models/pods') var reqValidator = middleware.reqValidators.pods + var secureMiddleware = middleware.secure var secureRequest = middleware.reqValidators.remote.secureRequest var utils = require('../../../helpers/utils') var Videos = require('../../../models/videos') var router = express.Router() - router.get('/', miscMiddleware.cache(false), listPods) - router.post('/', reqValidator.podsAdd, miscMiddleware.cache(false), addPods) - router.get('/makefriends', reqValidator.makeFriends, miscMiddleware.cache(false), makeFriends) - router.get('/quitfriends', miscMiddleware.cache(false), quitFriends) + router.get('/', cacheMiddleware.cache(false), listPods) + router.post('/', reqValidator.podsAdd, cacheMiddleware.cache(false), addPods) + router.get('/makefriends', reqValidator.makeFriends, cacheMiddleware.cache(false), makeFriends) + router.get('/quitfriends', cacheMiddleware.cache(false), quitFriends) // Post because this is a secured request - router.post('/remove', secureRequest, miscMiddleware.decryptBody, removePods) + router.post('/remove', secureRequest, secureMiddleware.decryptBody, removePods) // --------------------------------------------------------------------------- diff --git a/controllers/api/v1/remoteVideos.js b/controllers/api/v1/remoteVideos.js index d72db9836..58bb5f3cb 100644 --- a/controllers/api/v1/remoteVideos.js +++ b/controllers/api/v1/remoteVideos.js @@ -5,7 +5,8 @@ var pluck = require('lodash-node/compat/collection/pluck') var middleware = require('../../../middlewares') - var miscMiddleware = middleware.misc + var secureMiddleware = middleware.secure + var cacheMiddleware = middleware.cache var reqValidator = middleware.reqValidators.remote var videos = require('../../../models/videos') @@ -13,17 +14,17 @@ router.post('/add', reqValidator.secureRequest, - miscMiddleware.decryptBody, + secureMiddleware.decryptBody, reqValidator.remoteVideosAdd, - miscMiddleware.cache(false), + cacheMiddleware.cache(false), addRemoteVideos ) router.post('/remove', reqValidator.secureRequest, - miscMiddleware.decryptBody, + secureMiddleware.decryptBody, reqValidator.remoteVideosRemove, - miscMiddleware.cache(false), + cacheMiddleware.cache(false), removeRemoteVideo ) diff --git a/controllers/api/v1/videos.js b/controllers/api/v1/videos.js index d2e7e8825..7792059ca 100644 --- a/controllers/api/v1/videos.js +++ b/controllers/api/v1/videos.js @@ -9,7 +9,7 @@ var logger = require('../../../helpers/logger') var friends = require('../../../lib/friends') var middleware = require('../../../middlewares') - var miscMiddleware = middleware.misc + var cacheMiddleware = middleware.cache var reqValidator = middleware.reqValidators.videos var Videos = require('../../../models/videos') // model var videos = require('../../../lib/videos') @@ -38,11 +38,11 @@ var reqFiles = multer({ storage: storage }).fields([{ name: 'input_video', maxCount: 1 }]) - router.get('/', miscMiddleware.cache(false), listVideos) - router.post('/', reqFiles, reqValidator.videosAdd, miscMiddleware.cache(false), addVideo) - router.get('/:id', reqValidator.videosGet, miscMiddleware.cache(false), getVideos) - router.delete('/:id', reqValidator.videosRemove, miscMiddleware.cache(false), removeVideo) - router.get('/search/:name', reqValidator.videosSearch, miscMiddleware.cache(false), searchVideos) + router.get('/', cacheMiddleware.cache(false), listVideos) + router.post('/', reqFiles, reqValidator.videosAdd, cacheMiddleware.cache(false), addVideo) + router.get('/:id', reqValidator.videosGet, cacheMiddleware.cache(false), getVideos) + router.delete('/:id', reqValidator.videosRemove, cacheMiddleware.cache(false), removeVideo) + router.get('/search/:name', reqValidator.videosSearch, cacheMiddleware.cache(false), searchVideos) // --------------------------------------------------------------------------- diff --git a/controllers/views.js b/controllers/views.js index 1bb4ffe70..82d3d00ab 100644 --- a/controllers/views.js +++ b/controllers/views.js @@ -3,12 +3,12 @@ var express = require('express') - var middleware = require('../middlewares').misc + var cacheMiddleware = require('../middlewares').cache var router = express.Router() - router.get(/^\/(index)?$/, middleware.cache(), getIndex) - router.get('/partials/:directory/:name', middleware.cache(), getPartial) + router.get(/^\/(index)?$/, cacheMiddleware.cache(), getIndex) + router.get('/partials/:directory/:name', cacheMiddleware.cache(), getPartial) // --------------------------------------------------------------------------- diff --git a/middlewares/cache.js b/middlewares/cache.js new file mode 100644 index 000000000..782165155 --- /dev/null +++ b/middlewares/cache.js @@ -0,0 +1,25 @@ +;(function () { + 'use strict' + + var cacheMiddleware = { + cache: cache + } + + function cache (cache) { + return function (req, res, next) { + // If we want explicitly a cache + // Or if we don't specify if we want a cache or no and we are in production + if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { + res.setHeader('Cache-Control', 'public') + } else { + res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') + } + + next() + } + } + + // --------------------------------------------------------------------------- + + module.exports = cacheMiddleware +})() diff --git a/middlewares/index.js b/middlewares/index.js index 311dfb6d2..bfe325b1e 100644 --- a/middlewares/index.js +++ b/middlewares/index.js @@ -2,8 +2,9 @@ 'use strict' var middlewares = { - misc: require('./misc'), - reqValidators: require('./reqValidators') + cache: require('./cache'), + reqValidators: require('./reqValidators'), + secure: require('./secure') } // --------------------------------------------------------------------------- diff --git a/middlewares/misc.js b/middlewares/misc.js deleted file mode 100644 index cc4e2e8a4..000000000 --- a/middlewares/misc.js +++ /dev/null @@ -1,65 +0,0 @@ -;(function () { - 'use strict' - - var fs = require('fs') - var ursa = require('ursa') - - var logger = require('../helpers/logger') - var Pods = require('../models/pods') - var utils = require('../helpers/utils') - - var miscMiddleware = { - cache: cache, - decryptBody: decryptBody - } - - function cache (cache) { - return function (req, res, next) { - // If we want explicitly a cache - // Or if we don't specify if we want a cache or no and we are in production - if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { - res.setHeader('Cache-Control', 'public') - } else { - res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') - } - - next() - } - } - - function decryptBody (req, res, next) { - var url = req.body.signature.url - Pods.findByUrl(url, function (err, pod) { - if (err) { - logger.error('Cannot get signed url in decryptBody.', { error: err }) - return res.sendStatus(500) - } - - if (pod === null) { - logger.error('Unknown pod %s.', url) - return res.sendStatus(403) - } - - logger.debug('Decrypting body from %s.', url) - - var crt = ursa.createPublicKey(pod.publicKey) - var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') - - if (signature_ok === true) { - var myKey = ursa.createPrivateKey(fs.readFileSync(utils.getCertDir() + 'peertube.key.pem')) - var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') - req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) - delete req.body.key - } else { - logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) - return res.sendStatus(403) - } - - next() - }) - } - - // --------------------------------------------------------------------------- - - module.exports = miscMiddleware -})() diff --git a/middlewares/secure.js b/middlewares/secure.js new file mode 100644 index 000000000..99ac9cdae --- /dev/null +++ b/middlewares/secure.js @@ -0,0 +1,50 @@ +;(function () { + 'use strict' + + var fs = require('fs') + var ursa = require('ursa') + + var logger = require('../helpers/logger') + var Pods = require('../models/pods') + var utils = require('../helpers/utils') + + var secureMiddleware = { + decryptBody: decryptBody + } + + function decryptBody (req, res, next) { + var url = req.body.signature.url + Pods.findByUrl(url, function (err, pod) { + if (err) { + logger.error('Cannot get signed url in decryptBody.', { error: err }) + return res.sendStatus(500) + } + + if (pod === null) { + logger.error('Unknown pod %s.', url) + return res.sendStatus(403) + } + + logger.debug('Decrypting body from %s.', url) + + var crt = ursa.createPublicKey(pod.publicKey) + var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') + + if (signature_ok === true) { + var myKey = ursa.createPrivateKey(fs.readFileSync(utils.getCertDir() + 'peertube.key.pem')) + var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') + req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) + delete req.body.key + } else { + logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) + return res.sendStatus(403) + } + + next() + }) + } + + // --------------------------------------------------------------------------- + + module.exports = secureMiddleware +})() -- cgit v1.2.3