1 import 'express-validator'
2 import * as express from 'express'
4 import { database as db } from '../initializers'
7 checkSignature as peertubeCryptoCheckSignature
9 import { PodSignature } from '../../shared'
11 function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) {
12 const signatureObject: PodSignature = req.body.signature
13 const host = signatureObject.host
15 db.Pod.loadByHost(host)
18 logger.error('Unknown pod %s.', host)
19 return res.sendStatus(403)
22 logger.debug('Checking signature from %s.', host)
25 // If there is data in the body the sender used it for its signature
26 // If there is no data we just use its host as signature
28 signatureShouldBe = req.body.data
30 signatureShouldBe = host
33 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, signatureObject.signature)
35 if (signatureOk === true) {
43 logger.error('Signature is not okay in body for %s.', signatureObject.host)
44 return res.sendStatus(403)
47 logger.error('Cannot get signed host in body.', { error: err.stack, signature: signatureObject.signature })
48 return res.sendStatus(500)
52 // ---------------------------------------------------------------------------