mirror of https://github.com/Chocobozzz/PeerTube
Middleware refractoring
parent
e85782f7da
commit
b60035d8e8
|
@ -1,56 +1,9 @@
|
|||
;(function () {
|
||||
'use strict'
|
||||
|
||||
var ursa = require('ursa')
|
||||
var fs = require('fs')
|
||||
|
||||
var logger = require('../src/logger')
|
||||
var utils = require('../src/utils')
|
||||
var PodsDB = require('../src/database').PodsDB
|
||||
|
||||
var middleware = {}
|
||||
|
||||
middleware.cache = function (cache) {
|
||||
return function (req, res, next) {
|
||||
// If we want explicitly a cache
|
||||
// Or if we don't specify if we want a cache or no and we are in production
|
||||
if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) {
|
||||
res.setHeader('Cache-Control', 'public')
|
||||
} else {
|
||||
res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
|
||||
}
|
||||
|
||||
next()
|
||||
}
|
||||
}
|
||||
|
||||
middleware.decryptBody = function (req, res, next) {
|
||||
logger.debug('Decrypting body.')
|
||||
|
||||
PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) {
|
||||
if (err) {
|
||||
logger.error('Cannot get signed url in decryptBody.', { error: err })
|
||||
res.sendStatus(500)
|
||||
}
|
||||
|
||||
logger.debug('Found one pod which could send the message.', { pod: pod.publicKey, url: req.body.signature.url })
|
||||
|
||||
var crt = ursa.createPublicKey(pod.publicKey)
|
||||
var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex')
|
||||
|
||||
if (signature_ok === true) {
|
||||
var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem'))
|
||||
var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8')
|
||||
logger.debug(decryptedKey)
|
||||
req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey))
|
||||
logger.debug('Decrypted.', { body: req.body })
|
||||
} else {
|
||||
logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
|
||||
res.sendStatus(500)
|
||||
}
|
||||
|
||||
next()
|
||||
})
|
||||
var middleware = {
|
||||
reqValidators: require('./reqValidators'),
|
||||
misc: require('./misc')
|
||||
}
|
||||
|
||||
module.exports = middleware
|
||||
|
|
|
@ -0,0 +1,57 @@
|
|||
;(function () {
|
||||
'use strict'
|
||||
|
||||
var ursa = require('ursa')
|
||||
var fs = require('fs')
|
||||
|
||||
var logger = require('../src/logger')
|
||||
var utils = require('../src/utils')
|
||||
var PodsDB = require('../src/database').PodsDB
|
||||
|
||||
var misc = {}
|
||||
|
||||
misc.cache = function (cache) {
|
||||
return function (req, res, next) {
|
||||
// If we want explicitly a cache
|
||||
// Or if we don't specify if we want a cache or no and we are in production
|
||||
if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) {
|
||||
res.setHeader('Cache-Control', 'public')
|
||||
} else {
|
||||
res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
|
||||
}
|
||||
|
||||
next()
|
||||
}
|
||||
}
|
||||
|
||||
misc.decryptBody = function (req, res, next) {
|
||||
logger.debug('Decrypting body.')
|
||||
|
||||
PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) {
|
||||
if (err) {
|
||||
logger.error('Cannot get signed url in decryptBody.', { error: err })
|
||||
res.sendStatus(500)
|
||||
}
|
||||
|
||||
logger.debug('Found one pod which could send the message.', { pod: pod.publicKey, url: req.body.signature.url })
|
||||
|
||||
var crt = ursa.createPublicKey(pod.publicKey)
|
||||
var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex')
|
||||
|
||||
if (signature_ok === true) {
|
||||
var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem'))
|
||||
var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8')
|
||||
logger.debug(decryptedKey)
|
||||
req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey))
|
||||
logger.debug('Decrypted.', { body: req.body })
|
||||
} else {
|
||||
logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
|
||||
res.sendStatus(500)
|
||||
}
|
||||
|
||||
next()
|
||||
})
|
||||
}
|
||||
|
||||
module.exports = misc
|
||||
})()
|
|
@ -4,7 +4,8 @@
|
|||
var express = require('express')
|
||||
var router = express.Router()
|
||||
var middleware = require('../../../middlewares')
|
||||
var reqValidator = require('../../../middlewares/reqValidators').pods
|
||||
var miscMiddleware = middleware.misc
|
||||
var reqValidator = middleware.reqValidators.pods
|
||||
var pods = require('../../../src/pods')
|
||||
|
||||
function listPods (req, res, next) {
|
||||
|
@ -31,9 +32,9 @@
|
|||
})
|
||||
}
|
||||
|
||||
router.get('/', middleware.cache(false), listPods)
|
||||
router.get('/makefriends', middleware.cache(false), makeFriends)
|
||||
router.post('/', reqValidator.podsAdd, middleware.cache(false), addPods)
|
||||
router.get('/', miscMiddleware.cache(false), listPods)
|
||||
router.get('/makefriends', miscMiddleware.cache(false), makeFriends)
|
||||
router.post('/', reqValidator.podsAdd, miscMiddleware.cache(false), addPods)
|
||||
|
||||
module.exports = router
|
||||
})()
|
||||
|
|
|
@ -4,7 +4,8 @@
|
|||
var express = require('express')
|
||||
var router = express.Router()
|
||||
var middleware = require('../../../middlewares')
|
||||
var requestValidator = require('../../../middlewares/reqValidators').remote
|
||||
var miscMiddleware = middleware.misc
|
||||
var reqValidator = middleware.reqValidators.remote
|
||||
var videos = require('../../../src/videos')
|
||||
|
||||
function addRemoteVideos (req, res, next) {
|
||||
|
@ -23,8 +24,8 @@
|
|||
})
|
||||
}
|
||||
|
||||
router.post('/add', requestValidator.secureRequest, middleware.decryptBody, requestValidator.remoteVideosAdd, middleware.cache(false), addRemoteVideos)
|
||||
router.post('/remove', requestValidator.secureRequest, middleware.decryptBody, requestValidator.remoteVideosRemove, middleware.cache(false), removeRemoteVideo)
|
||||
router.post('/add', reqValidator.secureRequest, miscMiddleware.decryptBody, reqValidator.remoteVideosAdd, miscMiddleware.cache(false), addRemoteVideos)
|
||||
router.post('/remove', reqValidator.secureRequest, miscMiddleware.decryptBody, reqValidator.remoteVideosRemove, miscMiddleware.cache(false), removeRemoteVideo)
|
||||
|
||||
module.exports = router
|
||||
})()
|
||||
|
|
|
@ -4,7 +4,8 @@
|
|||
var express = require('express')
|
||||
var router = express.Router()
|
||||
var middleware = require('../../../middlewares')
|
||||
var reqValidator = require('../../../middlewares/reqValidators').videos
|
||||
var miscMiddleware = middleware.misc
|
||||
var reqValidator = middleware.reqValidators.videos
|
||||
var videos = require('../../../src/videos')
|
||||
|
||||
function listVideos (req, res, next) {
|
||||
|
@ -52,11 +53,11 @@
|
|||
})
|
||||
}
|
||||
|
||||
router.get('/', middleware.cache(false), listVideos)
|
||||
router.post('/', reqValidator.videosAdd, middleware.cache(false), addVideos)
|
||||
router.get('/search/:name', reqValidator.videosSearch, middleware.cache(false), searchVideos)
|
||||
router.get('/:id', reqValidator.videosGet, middleware.cache(false), getVideos)
|
||||
router.delete('/:id', reqValidator.videosRemove, middleware.cache(false), removeVideo)
|
||||
router.get('/', miscMiddleware.cache(false), listVideos)
|
||||
router.post('/', reqValidator.videosAdd, miscMiddleware.cache(false), addVideos)
|
||||
router.get('/search/:name', reqValidator.videosSearch, miscMiddleware.cache(false), searchVideos)
|
||||
router.get('/:id', reqValidator.videosGet, miscMiddleware.cache(false), getVideos)
|
||||
router.delete('/:id', reqValidator.videosRemove, miscMiddleware.cache(false), removeVideo)
|
||||
|
||||
module.exports = router
|
||||
})()
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
}
|
||||
|
||||
var express = require('express')
|
||||
var middleware = require('../middlewares')
|
||||
var middleware = require('../middlewares').misc
|
||||
|
||||
var router = express.Router()
|
||||
|
||||
|
|
Loading…
Reference in New Issue