3 var logger = require('../helpers/logger')
4 var peertubeCrypto = require('../helpers/peertubeCrypto')
5 var Pods = require('../models/pods')
7 var secureMiddleware = {
8 decryptBody: decryptBody
11 function decryptBody (req, res, next) {
12 var url = req.body.signature.url
13 Pods.findByUrl(url, function (err, pod) {
15 logger.error('Cannot get signed url in decryptBody.', { error: err })
16 return res.sendStatus(500)
20 logger.error('Unknown pod %s.', url)
21 return res.sendStatus(403)
24 logger.debug('Decrypting body from %s.', url)
26 var signature_ok = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
28 if (signature_ok === true) {
29 peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
31 logger.error('Cannot decrypt data.', { error: err })
32 return res.sendStatus(500)
35 req.body.data = JSON.parse(decrypted)
41 logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
42 return res.sendStatus(403)
47 // ---------------------------------------------------------------------------
49 module.exports = secureMiddleware