1 import 'express-validator'
2 import * as express from 'express'
4 import { database as db } from '../initializers'
7 checkSignature as peertubeCryptoCheckSignature
10 function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) {
11 const host = req.body.signature.host
12 db.Pod.loadByHost(host, function (err, pod) {
14 logger.error('Cannot get signed host in body.', { error: err })
15 return res.sendStatus(500)
19 logger.error('Unknown pod %s.', host)
20 return res.sendStatus(403)
23 logger.debug('Checking signature from %s.', host)
26 // If there is data in the body the sender used it for its signature
27 // If there is no data we just use its host as signature
29 signatureShouldBe = req.body.data
31 signatureShouldBe = host
34 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature)
36 if (signatureOk === true) {
44 logger.error('Signature is not okay in body for %s.', req.body.signature.host)
45 return res.sendStatus(403)
49 // ---------------------------------------------------------------------------