From b9a3e09ad5a7673f64556d1dba122ed4c4fac980 Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Mon, 7 Mar 2016 11:33:59 +0100
Subject: Prepare folders structure for angular app

---
 server/middlewares/secure.js | 49 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 server/middlewares/secure.js

(limited to 'server/middlewares/secure.js')

diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js
new file mode 100644
index 000000000..bfd28316a
--- /dev/null
+++ b/server/middlewares/secure.js
@@ -0,0 +1,49 @@
+'use strict'
+
+var logger = require('../helpers/logger')
+var peertubeCrypto = require('../helpers/peertubeCrypto')
+var Pods = require('../models/pods')
+
+var secureMiddleware = {
+  decryptBody: decryptBody
+}
+
+function decryptBody (req, res, next) {
+  var url = req.body.signature.url
+  Pods.findByUrl(url, function (err, pod) {
+    if (err) {
+      logger.error('Cannot get signed url in decryptBody.', { error: err })
+      return res.sendStatus(500)
+    }
+
+    if (pod === null) {
+      logger.error('Unknown pod %s.', url)
+      return res.sendStatus(403)
+    }
+
+    logger.debug('Decrypting body from %s.', url)
+
+    var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
+
+    if (signature_ok === true) {
+      peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
+        if (err) {
+          logger.error('Cannot decrypt data.', { error: err })
+          return res.sendStatus(500)
+        }
+
+        req.body.data = JSON.parse(decrypted)
+        delete req.body.key
+
+        next()
+      })
+    } else {
+      logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
+      return res.sendStatus(403)
+    }
+  })
+}
+
+// ---------------------------------------------------------------------------
+
+module.exports = secureMiddleware
-- 
cgit v1.2.3