From b9a3e09ad5a7673f64556d1dba122ed4c4fac980 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Mon, 7 Mar 2016 11:33:59 +0100 Subject: Prepare folders structure for angular app --- server/middlewares/cache.js | 23 ++++++++++ server/middlewares/index.js | 15 ++++++ server/middlewares/reqValidators/index.js | 15 ++++++ server/middlewares/reqValidators/pods.js | 39 ++++++++++++++++ server/middlewares/reqValidators/remote.js | 43 +++++++++++++++++ server/middlewares/reqValidators/utils.js | 25 ++++++++++ server/middlewares/reqValidators/videos.js | 74 ++++++++++++++++++++++++++++++ server/middlewares/secure.js | 49 ++++++++++++++++++++ 8 files changed, 283 insertions(+) create mode 100644 server/middlewares/cache.js create mode 100644 server/middlewares/index.js create mode 100644 server/middlewares/reqValidators/index.js create mode 100644 server/middlewares/reqValidators/pods.js create mode 100644 server/middlewares/reqValidators/remote.js create mode 100644 server/middlewares/reqValidators/utils.js create mode 100644 server/middlewares/reqValidators/videos.js create mode 100644 server/middlewares/secure.js (limited to 'server/middlewares') diff --git a/server/middlewares/cache.js b/server/middlewares/cache.js new file mode 100644 index 000000000..0d3da0075 --- /dev/null +++ b/server/middlewares/cache.js @@ -0,0 +1,23 @@ +'use strict' + +var cacheMiddleware = { + cache: cache +} + +function cache (cache) { + return function (req, res, next) { + // If we want explicitly a cache + // Or if we don't specify if we want a cache or no and we are in production + if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { + res.setHeader('Cache-Control', 'public') + } else { + res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') + } + + next() + } +} + +// --------------------------------------------------------------------------- + +module.exports = cacheMiddleware diff --git a/server/middlewares/index.js b/server/middlewares/index.js new file mode 100644 index 000000000..c85899b0c --- /dev/null +++ b/server/middlewares/index.js @@ -0,0 +1,15 @@ +'use strict' + +var cacheMiddleware = require('./cache') +var reqValidatorsMiddleware = require('./reqValidators') +var secureMiddleware = require('./secure') + +var middlewares = { + cache: cacheMiddleware, + reqValidators: reqValidatorsMiddleware, + secure: secureMiddleware +} + +// --------------------------------------------------------------------------- + +module.exports = middlewares diff --git a/server/middlewares/reqValidators/index.js b/server/middlewares/reqValidators/index.js new file mode 100644 index 000000000..345dbd0e2 --- /dev/null +++ b/server/middlewares/reqValidators/index.js @@ -0,0 +1,15 @@ +'use strict' + +var podsReqValidators = require('./pods') +var remoteReqValidators = require('./remote') +var videosReqValidators = require('./videos') + +var reqValidators = { + pods: podsReqValidators, + remote: remoteReqValidators, + videos: videosReqValidators +} + +// --------------------------------------------------------------------------- + +module.exports = reqValidators diff --git a/server/middlewares/reqValidators/pods.js b/server/middlewares/reqValidators/pods.js new file mode 100644 index 000000000..ef09d51cf --- /dev/null +++ b/server/middlewares/reqValidators/pods.js @@ -0,0 +1,39 @@ +'use strict' + +var checkErrors = require('./utils').checkErrors +var friends = require('../../lib/friends') +var logger = require('../../helpers/logger') + +var reqValidatorsPod = { + makeFriends: makeFriends, + podsAdd: podsAdd +} + +function makeFriends (req, res, next) { + friends.hasFriends(function (err, has_friends) { + if (err) { + logger.error('Cannot know if we have friends.', { error: err }) + res.sendStatus(500) + } + + if (has_friends === true) { + // We need to quit our friends before make new ones + res.sendStatus(409) + } else { + return next() + } + }) +} + +function podsAdd (req, res, next) { + req.checkBody('data.url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) + req.checkBody('data.publicKey', 'Should have a public key').notEmpty() + + logger.debug('Checking podsAdd parameters', { parameters: req.body }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = reqValidatorsPod diff --git a/server/middlewares/reqValidators/remote.js b/server/middlewares/reqValidators/remote.js new file mode 100644 index 000000000..88de16b49 --- /dev/null +++ b/server/middlewares/reqValidators/remote.js @@ -0,0 +1,43 @@ +'use strict' + +var checkErrors = require('./utils').checkErrors +var logger = require('../../helpers/logger') + +var reqValidatorsRemote = { + remoteVideosAdd: remoteVideosAdd, + remoteVideosRemove: remoteVideosRemove, + secureRequest: secureRequest +} + +function remoteVideosAdd (req, res, next) { + req.checkBody('data').isArray() + req.checkBody('data').eachIsRemoteVideosAddValid() + + logger.debug('Checking remoteVideosAdd parameters', { parameters: req.body }) + + checkErrors(req, res, next) +} + +function remoteVideosRemove (req, res, next) { + req.checkBody('data').isArray() + req.checkBody('data').eachIsRemoteVideosRemoveValid() + + logger.debug('Checking remoteVideosRemove parameters', { parameters: req.body }) + + checkErrors(req, res, next) +} + +function secureRequest (req, res, next) { + req.checkBody('signature.url', 'Should have a signature url').isURL() + req.checkBody('signature.signature', 'Should have a signature').notEmpty() + req.checkBody('key', 'Should have a key').notEmpty() + req.checkBody('data', 'Should have data').notEmpty() + + logger.debug('Checking secureRequest parameters', { parameters: { data: req.body.data, keyLength: req.body.key.length } }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = reqValidatorsRemote diff --git a/server/middlewares/reqValidators/utils.js b/server/middlewares/reqValidators/utils.js new file mode 100644 index 000000000..46c982571 --- /dev/null +++ b/server/middlewares/reqValidators/utils.js @@ -0,0 +1,25 @@ +'use strict' + +var util = require('util') + +var logger = require('../../helpers/logger') + +var reqValidatorsUtils = { + checkErrors: checkErrors +} + +function checkErrors (req, res, next, status_code) { + if (status_code === undefined) status_code = 400 + var errors = req.validationErrors() + + if (errors) { + logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) + return res.status(status_code).send('There have been validation errors: ' + util.inspect(errors)) + } + + return next() +} + +// --------------------------------------------------------------------------- + +module.exports = reqValidatorsUtils diff --git a/server/middlewares/reqValidators/videos.js b/server/middlewares/reqValidators/videos.js new file mode 100644 index 000000000..4e5f4391f --- /dev/null +++ b/server/middlewares/reqValidators/videos.js @@ -0,0 +1,74 @@ +'use strict' + +var checkErrors = require('./utils').checkErrors +var logger = require('../../helpers/logger') +var Videos = require('../../models/videos') + +var reqValidatorsVideos = { + videosAdd: videosAdd, + videosGet: videosGet, + videosRemove: videosRemove, + videosSearch: videosSearch +} + +function videosAdd (req, res, next) { + req.checkFiles('input_video[0].originalname', 'Should have an input video').notEmpty() + req.checkFiles('input_video[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) + req.checkBody('name', 'Should have a name').isLength(1, 50) + req.checkBody('description', 'Should have a description').isLength(1, 250) + + logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) + + checkErrors(req, res, next) +} + +function videosGet (req, res, next) { + req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + + logger.debug('Checking videosGet parameters', { parameters: req.params }) + + checkErrors(req, res, function () { + Videos.getVideoState(req.params.id, function (err, state) { + if (err) { + logger.error('Error in videosGet request validator.', { error: err }) + res.sendStatus(500) + } + + if (state.exist === false) return res.status(404).send('Video not found') + + next() + }) + }) +} + +function videosRemove (req, res, next) { + req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + + logger.debug('Checking videosRemove parameters', { parameters: req.params }) + + checkErrors(req, res, function () { + Videos.getVideoState(req.params.id, function (err, state) { + if (err) { + logger.error('Error in videosRemove request validator.', { error: err }) + res.sendStatus(500) + } + + if (state.exist === false) return res.status(404).send('Video not found') + else if (state.owned === false) return res.status(403).send('Cannot remove video of another pod') + + next() + }) + }) +} + +function videosSearch (req, res, next) { + req.checkParams('name', 'Should have a name').notEmpty() + + logger.debug('Checking videosSearch parameters', { parameters: req.params }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = reqValidatorsVideos diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js new file mode 100644 index 000000000..bfd28316a --- /dev/null +++ b/server/middlewares/secure.js @@ -0,0 +1,49 @@ +'use strict' + +var logger = require('../helpers/logger') +var peertubeCrypto = require('../helpers/peertubeCrypto') +var Pods = require('../models/pods') + +var secureMiddleware = { + decryptBody: decryptBody +} + +function decryptBody (req, res, next) { + var url = req.body.signature.url + Pods.findByUrl(url, function (err, pod) { + if (err) { + logger.error('Cannot get signed url in decryptBody.', { error: err }) + return res.sendStatus(500) + } + + if (pod === null) { + logger.error('Unknown pod %s.', url) + return res.sendStatus(403) + } + + logger.debug('Decrypting body from %s.', url) + + var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature) + + if (signature_ok === true) { + peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) { + if (err) { + logger.error('Cannot decrypt data.', { error: err }) + return res.sendStatus(500) + } + + req.body.data = JSON.parse(decrypted) + delete req.body.key + + next() + }) + } else { + logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) + return res.sendStatus(403) + } + }) +} + +// --------------------------------------------------------------------------- + +module.exports = secureMiddleware -- cgit v1.2.3