var logger = require('../../../helpers/logger')
var friends = require('../../../lib/friends')
var middleware = require('../../../middlewares')
- var miscMiddleware = middleware.misc
+ var cacheMiddleware = middleware.cache
var Pods = require('../../../models/pods')
var reqValidator = middleware.reqValidators.pods
+ var secureMiddleware = middleware.secure
var secureRequest = middleware.reqValidators.remote.secureRequest
var utils = require('../../../helpers/utils')
var Videos = require('../../../models/videos')
var router = express.Router()
- router.get('/', miscMiddleware.cache(false), listPods)
- router.post('/', reqValidator.podsAdd, miscMiddleware.cache(false), addPods)
- router.get('/makefriends', reqValidator.makeFriends, miscMiddleware.cache(false), makeFriends)
- router.get('/quitfriends', miscMiddleware.cache(false), quitFriends)
+ router.get('/', cacheMiddleware.cache(false), listPods)
+ router.post('/', reqValidator.podsAdd, cacheMiddleware.cache(false), addPods)
+ router.get('/makefriends', reqValidator.makeFriends, cacheMiddleware.cache(false), makeFriends)
+ router.get('/quitfriends', cacheMiddleware.cache(false), quitFriends)
// Post because this is a secured request
- router.post('/remove', secureRequest, miscMiddleware.decryptBody, removePods)
+ router.post('/remove', secureRequest, secureMiddleware.decryptBody, removePods)
// ---------------------------------------------------------------------------
var pluck = require('lodash-node/compat/collection/pluck')
var middleware = require('../../../middlewares')
- var miscMiddleware = middleware.misc
+ var secureMiddleware = middleware.secure
+ var cacheMiddleware = middleware.cache
var reqValidator = middleware.reqValidators.remote
var videos = require('../../../models/videos')
router.post('/add',
reqValidator.secureRequest,
- miscMiddleware.decryptBody,
+ secureMiddleware.decryptBody,
reqValidator.remoteVideosAdd,
- miscMiddleware.cache(false),
+ cacheMiddleware.cache(false),
addRemoteVideos
)
router.post('/remove',
reqValidator.secureRequest,
- miscMiddleware.decryptBody,
+ secureMiddleware.decryptBody,
reqValidator.remoteVideosRemove,
- miscMiddleware.cache(false),
+ cacheMiddleware.cache(false),
removeRemoteVideo
)
var logger = require('../../../helpers/logger')
var friends = require('../../../lib/friends')
var middleware = require('../../../middlewares')
- var miscMiddleware = middleware.misc
+ var cacheMiddleware = middleware.cache
var reqValidator = middleware.reqValidators.videos
var Videos = require('../../../models/videos') // model
var videos = require('../../../lib/videos')
var reqFiles = multer({ storage: storage }).fields([{ name: 'input_video', maxCount: 1 }])
- router.get('/', miscMiddleware.cache(false), listVideos)
- router.post('/', reqFiles, reqValidator.videosAdd, miscMiddleware.cache(false), addVideo)
- router.get('/:id', reqValidator.videosGet, miscMiddleware.cache(false), getVideos)
- router.delete('/:id', reqValidator.videosRemove, miscMiddleware.cache(false), removeVideo)
- router.get('/search/:name', reqValidator.videosSearch, miscMiddleware.cache(false), searchVideos)
+ router.get('/', cacheMiddleware.cache(false), listVideos)
+ router.post('/', reqFiles, reqValidator.videosAdd, cacheMiddleware.cache(false), addVideo)
+ router.get('/:id', reqValidator.videosGet, cacheMiddleware.cache(false), getVideos)
+ router.delete('/:id', reqValidator.videosRemove, cacheMiddleware.cache(false), removeVideo)
+ router.get('/search/:name', reqValidator.videosSearch, cacheMiddleware.cache(false), searchVideos)
// ---------------------------------------------------------------------------
var express = require('express')
- var middleware = require('../middlewares').misc
+ var cacheMiddleware = require('../middlewares').cache
var router = express.Router()
- router.get(/^\/(index)?$/, middleware.cache(), getIndex)
- router.get('/partials/:directory/:name', middleware.cache(), getPartial)
+ router.get(/^\/(index)?$/, cacheMiddleware.cache(), getIndex)
+ router.get('/partials/:directory/:name', cacheMiddleware.cache(), getPartial)
// ---------------------------------------------------------------------------
--- /dev/null
+;(function () {
+ 'use strict'
+
+ var cacheMiddleware = {
+ cache: cache
+ }
+
+ function cache (cache) {
+ return function (req, res, next) {
+ // If we want explicitly a cache
+ // Or if we don't specify if we want a cache or no and we are in production
+ if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) {
+ res.setHeader('Cache-Control', 'public')
+ } else {
+ res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
+ }
+
+ next()
+ }
+ }
+
+ // ---------------------------------------------------------------------------
+
+ module.exports = cacheMiddleware
+})()
'use strict'
var middlewares = {
- misc: require('./misc'),
- reqValidators: require('./reqValidators')
+ cache: require('./cache'),
+ reqValidators: require('./reqValidators'),
+ secure: require('./secure')
}
// ---------------------------------------------------------------------------
+++ /dev/null
-;(function () {
- 'use strict'
-
- var fs = require('fs')
- var ursa = require('ursa')
-
- var logger = require('../helpers/logger')
- var Pods = require('../models/pods')
- var utils = require('../helpers/utils')
-
- var miscMiddleware = {
- cache: cache,
- decryptBody: decryptBody
- }
-
- function cache (cache) {
- return function (req, res, next) {
- // If we want explicitly a cache
- // Or if we don't specify if we want a cache or no and we are in production
- if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) {
- res.setHeader('Cache-Control', 'public')
- } else {
- res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
- }
-
- next()
- }
- }
-
- function decryptBody (req, res, next) {
- var url = req.body.signature.url
- Pods.findByUrl(url, function (err, pod) {
- if (err) {
- logger.error('Cannot get signed url in decryptBody.', { error: err })
- return res.sendStatus(500)
- }
-
- if (pod === null) {
- logger.error('Unknown pod %s.', url)
- return res.sendStatus(403)
- }
-
- logger.debug('Decrypting body from %s.', url)
-
- var crt = ursa.createPublicKey(pod.publicKey)
- var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex')
-
- if (signature_ok === true) {
- var myKey = ursa.createPrivateKey(fs.readFileSync(utils.getCertDir() + 'peertube.key.pem'))
- var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8')
- req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey))
- delete req.body.key
- } else {
- logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
- return res.sendStatus(403)
- }
-
- next()
- })
- }
-
- // ---------------------------------------------------------------------------
-
- module.exports = miscMiddleware
-})()
--- /dev/null
+;(function () {
+ 'use strict'
+
+ var fs = require('fs')
+ var ursa = require('ursa')
+
+ var logger = require('../helpers/logger')
+ var Pods = require('../models/pods')
+ var utils = require('../helpers/utils')
+
+ var secureMiddleware = {
+ decryptBody: decryptBody
+ }
+
+ function decryptBody (req, res, next) {
+ var url = req.body.signature.url
+ Pods.findByUrl(url, function (err, pod) {
+ if (err) {
+ logger.error('Cannot get signed url in decryptBody.', { error: err })
+ return res.sendStatus(500)
+ }
+
+ if (pod === null) {
+ logger.error('Unknown pod %s.', url)
+ return res.sendStatus(403)
+ }
+
+ logger.debug('Decrypting body from %s.', url)
+
+ var crt = ursa.createPublicKey(pod.publicKey)
+ var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex')
+
+ if (signature_ok === true) {
+ var myKey = ursa.createPrivateKey(fs.readFileSync(utils.getCertDir() + 'peertube.key.pem'))
+ var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8')
+ req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey))
+ delete req.body.key
+ } else {
+ logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
+ return res.sendStatus(403)
+ }
+
+ next()
+ })
+ }
+
+ // ---------------------------------------------------------------------------
+
+ module.exports = secureMiddleware
+})()
projects / oweals / peertube.git / commitdiff