3 const express = require('express')
4 const mongoose = require('mongoose')
6 const constants = require('../../initializers/constants')
7 const logger = require('../../helpers/logger')
9 const Client = mongoose.model('OAuthClient')
11 const router = express.Router()
13 router.get('/local', getLocalClient)
15 // Get the client credentials for the PeerTube front end
16 function getLocalClient (req, res, next) {
17 const serverHostname = constants.CONFIG.WEBSERVER.HOSTNAME
18 const serverPort = constants.CONFIG.WEBSERVER.PORT
19 let headerHostShouldBe = serverHostname
20 if (serverPort !== 80 && serverPort !== 443) {
21 headerHostShouldBe += ':' + serverPort
24 // Don't make this check if this is a test instance
25 if (process.env.NODE_ENV !== 'test' && req.get('host') !== headerHostShouldBe) {
26 logger.info('Getting client tokens for host %s is forbidden (expected %s).', req.get('host'), headerHostShouldBe)
27 return res.type('json').status(403).end()
30 Client.loadFirstClient(function (err, client) {
31 if (err) return next(err)
32 if (!client) return next(new Error('No client available.'))
35 client_id: client._id,
36 client_secret: client.clientSecret
41 // ---------------------------------------------------------------------------
43 module.exports = router