OpenCloud
/
PeerTube
mirror of https://github.com/Chocobozzz/PeerTube
1
0
Fork 0
Code Issues Releases Wiki Activity

Middleware refractoring

pull/1/head
Chocobozzz 2015-11-07 18:40:13 +01:00
parent e85782f7da
commit b60035d8e8
6 changed files with 77 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
middlewares/index.js
View File

@ -1,56 +1,9 @@
;(function () { ;(function () {
'use strict' 'use strict'
var ursa = require('ursa') var middleware = {
var fs = require('fs') reqValidators: require('./reqValidators'),
misc: require('./misc')
var logger = require('../src/logger')
var utils = require('../src/utils')
var PodsDB = require('../src/database').PodsDB
var middleware = {}
middleware.cache = function (cache) {
return function (req, res, next) {
// If we want explicitly a cache
// Or if we don't specify if we want a cache or no and we are in production
if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) {
res.setHeader('Cache-Control', 'public')
} else {
res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
}
next()
}
}
middleware.decryptBody = function (req, res, next) {
logger.debug('Decrypting body.')
PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) {
if (err) {
logger.error('Cannot get signed url in decryptBody.', { error: err })
res.sendStatus(500)
}
logger.debug('Found one pod which could send the message.', { pod: pod.publicKey, url: req.body.signature.url })
var crt = ursa.createPublicKey(pod.publicKey)
var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex')
if (signature_ok === true) {
var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem'))
var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8')
logger.debug(decryptedKey)
req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey))
logger.debug('Decrypted.', { body: req.body })
} else {
logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
res.sendStatus(500)
}
next()
})
} }
module.exports = middleware module.exports = middleware

57
middlewares/misc.js Normal file
View File

@ -0,0 +1,57 @@
;(function () {
'use strict'
var ursa = require('ursa')
var fs = require('fs')
var logger = require('../src/logger')
var utils = require('../src/utils')
var PodsDB = require('../src/database').PodsDB
var misc = {}
misc.cache = function (cache) {
return function (req, res, next) {
// If we want explicitly a cache
// Or if we don't specify if we want a cache or no and we are in production
if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) {
res.setHeader('Cache-Control', 'public')
} else {
res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
}
next()
}
}
misc.decryptBody = function (req, res, next) {
logger.debug('Decrypting body.')
PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) {
if (err) {
logger.error('Cannot get signed url in decryptBody.', { error: err })
res.sendStatus(500)
}
logger.debug('Found one pod which could send the message.', { pod: pod.publicKey, url: req.body.signature.url })
var crt = ursa.createPublicKey(pod.publicKey)
var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex')
if (signature_ok === true) {
var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem'))
var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8')
logger.debug(decryptedKey)
req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey))
logger.debug('Decrypted.', { body: req.body })
} else {
logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
res.sendStatus(500)
}
next()
})
}
module.exports = misc
})()

9
routes/api/v1/pods.js
View File

@ -4,7 +4,8 @@
var express = require('express') var express = require('express')
var router = express.Router() var router = express.Router()
var middleware = require('../../../middlewares') var middleware = require('../../../middlewares')
var reqValidator = require('../../../middlewares/reqValidators').pods var miscMiddleware = middleware.misc
var reqValidator = middleware.reqValidators.pods
var pods = require('../../../src/pods') var pods = require('../../../src/pods')
function listPods (req, res, next) { function listPods (req, res, next) {
@ -31,9 +32,9 @@
}) })
} }
router.get('/', middleware.cache(false), listPods) router.get('/', miscMiddleware.cache(false), listPods)
router.get('/makefriends', middleware.cache(false), makeFriends) router.get('/makefriends', miscMiddleware.cache(false), makeFriends)
router.post('/', reqValidator.podsAdd, middleware.cache(false), addPods) router.post('/', reqValidator.podsAdd, miscMiddleware.cache(false), addPods)
module.exports = router module.exports = router
})() })()

7
routes/api/v1/remoteVideos.js
View File

@ -4,7 +4,8 @@
var express = require('express') var express = require('express')
var router = express.Router() var router = express.Router()
var middleware = require('../../../middlewares') var middleware = require('../../../middlewares')
var requestValidator = require('../../../middlewares/reqValidators').remote var miscMiddleware = middleware.misc
var reqValidator = middleware.reqValidators.remote
var videos = require('../../../src/videos') var videos = require('../../../src/videos')
function addRemoteVideos (req, res, next) { function addRemoteVideos (req, res, next) {
@ -23,8 +24,8 @@
}) })
} }
router.post('/add', requestValidator.secureRequest, middleware.decryptBody, requestValidator.remoteVideosAdd, middleware.cache(false), addRemoteVideos) router.post('/add', reqValidator.secureRequest, miscMiddleware.decryptBody, reqValidator.remoteVideosAdd, miscMiddleware.cache(false), addRemoteVideos)
router.post('/remove', requestValidator.secureRequest, middleware.decryptBody, requestValidator.remoteVideosRemove, middleware.cache(false), removeRemoteVideo) router.post('/remove', reqValidator.secureRequest, miscMiddleware.decryptBody, reqValidator.remoteVideosRemove, miscMiddleware.cache(false), removeRemoteVideo)
module.exports = router module.exports = router
})() })()

13
routes/api/v1/videos.js
View File

@ -4,7 +4,8 @@
var express = require('express') var express = require('express')
var router = express.Router() var router = express.Router()
var middleware = require('../../../middlewares') var middleware = require('../../../middlewares')
var reqValidator = require('../../../middlewares/reqValidators').videos var miscMiddleware = middleware.misc
var reqValidator = middleware.reqValidators.videos
var videos = require('../../../src/videos') var videos = require('../../../src/videos')
function listVideos (req, res, next) { function listVideos (req, res, next) {
@ -52,11 +53,11 @@
}) })
} }
router.get('/', middleware.cache(false), listVideos) router.get('/', miscMiddleware.cache(false), listVideos)
router.post('/', reqValidator.videosAdd, middleware.cache(false), addVideos) router.post('/', reqValidator.videosAdd, miscMiddleware.cache(false), addVideos)
router.get('/search/:name', reqValidator.videosSearch, middleware.cache(false), searchVideos) router.get('/search/:name', reqValidator.videosSearch, miscMiddleware.cache(false), searchVideos)
router.get('/:id', reqValidator.videosGet, middleware.cache(false), getVideos) router.get('/:id', reqValidator.videosGet, miscMiddleware.cache(false), getVideos)
router.delete('/:id', reqValidator.videosRemove, middleware.cache(false), removeVideo) router.delete('/:id', reqValidator.videosRemove, miscMiddleware.cache(false), removeVideo)
module.exports = router module.exports = router
})() })()

2
routes/views.js
View File

@ -13,7 +13,7 @@
} }
var express = require('express') var express = require('express')
var middleware = require('../middlewares') var middleware = require('../middlewares').misc
var router = express.Router() var router = express.Router()