diff --git a/middlewares/index.js b/middlewares/index.js index 6368d791a..e727202ba 100644 --- a/middlewares/index.js +++ b/middlewares/index.js @@ -1,56 +1,9 @@ ;(function () { 'use strict' - var ursa = require('ursa') - var fs = require('fs') - - var logger = require('../src/logger') - var utils = require('../src/utils') - var PodsDB = require('../src/database').PodsDB - - var middleware = {} - - middleware.cache = function (cache) { - return function (req, res, next) { - // If we want explicitly a cache - // Or if we don't specify if we want a cache or no and we are in production - if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { - res.setHeader('Cache-Control', 'public') - } else { - res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') - } - - next() - } - } - - middleware.decryptBody = function (req, res, next) { - logger.debug('Decrypting body.') - - PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) { - if (err) { - logger.error('Cannot get signed url in decryptBody.', { error: err }) - res.sendStatus(500) - } - - logger.debug('Found one pod which could send the message.', { pod: pod.publicKey, url: req.body.signature.url }) - - var crt = ursa.createPublicKey(pod.publicKey) - var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') - - if (signature_ok === true) { - var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem')) - var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') - logger.debug(decryptedKey) - req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) - logger.debug('Decrypted.', { body: req.body }) - } else { - logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) - res.sendStatus(500) - } - - next() - }) + var middleware = { + reqValidators: require('./reqValidators'), + misc: require('./misc') } module.exports = middleware diff --git a/middlewares/misc.js b/middlewares/misc.js new file mode 100644 index 000000000..69e8d78c1 --- /dev/null +++ b/middlewares/misc.js @@ -0,0 +1,57 @@ +;(function () { + 'use strict' + + var ursa = require('ursa') + var fs = require('fs') + + var logger = require('../src/logger') + var utils = require('../src/utils') + var PodsDB = require('../src/database').PodsDB + + var misc = {} + + misc.cache = function (cache) { + return function (req, res, next) { + // If we want explicitly a cache + // Or if we don't specify if we want a cache or no and we are in production + if (cache === true || (cache !== false && process.env.NODE_ENV === 'production')) { + res.setHeader('Cache-Control', 'public') + } else { + res.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate') + } + + next() + } + } + + misc.decryptBody = function (req, res, next) { + logger.debug('Decrypting body.') + + PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) { + if (err) { + logger.error('Cannot get signed url in decryptBody.', { error: err }) + res.sendStatus(500) + } + + logger.debug('Found one pod which could send the message.', { pod: pod.publicKey, url: req.body.signature.url }) + + var crt = ursa.createPublicKey(pod.publicKey) + var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') + + if (signature_ok === true) { + var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem')) + var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') + logger.debug(decryptedKey) + req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) + logger.debug('Decrypted.', { body: req.body }) + } else { + logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) + res.sendStatus(500) + } + + next() + }) + } + + module.exports = misc +})() diff --git a/routes/api/v1/pods.js b/routes/api/v1/pods.js index 8ae676834..2bb8f89ab 100644 --- a/routes/api/v1/pods.js +++ b/routes/api/v1/pods.js @@ -4,7 +4,8 @@ var express = require('express') var router = express.Router() var middleware = require('../../../middlewares') - var reqValidator = require('../../../middlewares/reqValidators').pods + var miscMiddleware = middleware.misc + var reqValidator = middleware.reqValidators.pods var pods = require('../../../src/pods') function listPods (req, res, next) { @@ -31,9 +32,9 @@ }) } - router.get('/', middleware.cache(false), listPods) - router.get('/makefriends', middleware.cache(false), makeFriends) - router.post('/', reqValidator.podsAdd, middleware.cache(false), addPods) + router.get('/', miscMiddleware.cache(false), listPods) + router.get('/makefriends', miscMiddleware.cache(false), makeFriends) + router.post('/', reqValidator.podsAdd, miscMiddleware.cache(false), addPods) module.exports = router })() diff --git a/routes/api/v1/remoteVideos.js b/routes/api/v1/remoteVideos.js index 23bdcbe24..10793b2b4 100644 --- a/routes/api/v1/remoteVideos.js +++ b/routes/api/v1/remoteVideos.js @@ -4,7 +4,8 @@ var express = require('express') var router = express.Router() var middleware = require('../../../middlewares') - var requestValidator = require('../../../middlewares/reqValidators').remote + var miscMiddleware = middleware.misc + var reqValidator = middleware.reqValidators.remote var videos = require('../../../src/videos') function addRemoteVideos (req, res, next) { @@ -23,8 +24,8 @@ }) } - router.post('/add', requestValidator.secureRequest, middleware.decryptBody, requestValidator.remoteVideosAdd, middleware.cache(false), addRemoteVideos) - router.post('/remove', requestValidator.secureRequest, middleware.decryptBody, requestValidator.remoteVideosRemove, middleware.cache(false), removeRemoteVideo) + router.post('/add', reqValidator.secureRequest, miscMiddleware.decryptBody, reqValidator.remoteVideosAdd, miscMiddleware.cache(false), addRemoteVideos) + router.post('/remove', reqValidator.secureRequest, miscMiddleware.decryptBody, reqValidator.remoteVideosRemove, miscMiddleware.cache(false), removeRemoteVideo) module.exports = router })() diff --git a/routes/api/v1/videos.js b/routes/api/v1/videos.js index 06b248244..33c565437 100644 --- a/routes/api/v1/videos.js +++ b/routes/api/v1/videos.js @@ -4,7 +4,8 @@ var express = require('express') var router = express.Router() var middleware = require('../../../middlewares') - var reqValidator = require('../../../middlewares/reqValidators').videos + var miscMiddleware = middleware.misc + var reqValidator = middleware.reqValidators.videos var videos = require('../../../src/videos') function listVideos (req, res, next) { @@ -52,11 +53,11 @@ }) } - router.get('/', middleware.cache(false), listVideos) - router.post('/', reqValidator.videosAdd, middleware.cache(false), addVideos) - router.get('/search/:name', reqValidator.videosSearch, middleware.cache(false), searchVideos) - router.get('/:id', reqValidator.videosGet, middleware.cache(false), getVideos) - router.delete('/:id', reqValidator.videosRemove, middleware.cache(false), removeVideo) + router.get('/', miscMiddleware.cache(false), listVideos) + router.post('/', reqValidator.videosAdd, miscMiddleware.cache(false), addVideos) + router.get('/search/:name', reqValidator.videosSearch, miscMiddleware.cache(false), searchVideos) + router.get('/:id', reqValidator.videosGet, miscMiddleware.cache(false), getVideos) + router.delete('/:id', reqValidator.videosRemove, miscMiddleware.cache(false), removeVideo) module.exports = router })() diff --git a/routes/views.js b/routes/views.js index 690913a84..ebd97380e 100644 --- a/routes/views.js +++ b/routes/views.js @@ -13,7 +13,7 @@ } var express = require('express') - var middleware = require('../middlewares') + var middleware = require('../middlewares').misc var router = express.Router()