Mercurial > code > home > repos > video
comparison serve-files.js @ 49:1bd17c2e5517 default tip
video.py must sign video urls for serve-files.js to serve them
| author | drewp@bigasterisk.com |
|---|---|
| date | Fri, 06 Dec 2024 17:13:51 -0800 |
| parents | ed16fdbb3996 |
| children |
comparison
equal
deleted
inserted
replaced
| 48:046673b1cc24 | 49:1bd17c2e5517 |
|---|---|
| 1 const express = require('express') | 1 const express = require('express') |
| 2 const serveIndex = require('serve-index') | 2 const decodeSig = async (sig) => { |
| 3 | 3 const { decodeSig } = await import('./signature_decode.mjs'); |
| 4 return decodeSig(sig); | |
| 5 }; | |
| 4 const app = express() | 6 const app = express() |
| 5 | 7 |
| 8 async function checkSig(sig, user, reqPath) { | |
| 9 const msg = await decodeSig(sig); | |
| 10 if (msg[0] !== user) { | |
| 11 throw new Error('user mismatch ' + msg[0] + ' ' + user); | |
| 12 } | |
| 13 if (msg[1] !== reqPath) { | |
| 14 throw new Error('path mismatch'); | |
| 15 } | |
| 16 const now = new Date() / 1000; | |
| 17 if (msg[2] < now) { | |
| 18 throw new Error('expired'); | |
| 19 } | |
| 20 } | |
| 21 | |
| 22 | |
| 6 // e.g. /video/files/video-download/movie1/part1.webm | 23 // e.g. /video/files/video-download/movie1/part1.webm |
| 7 | |
| 8 app.use('/video/files', | 24 app.use('/video/files', |
| 25 async (req, res, next) => { | |
| 26 try { | |
| 27 await checkSig(req.query.sig || '', req.headers['x-pomerium-email'], req.path); | |
| 28 } catch (e) { | |
| 29 console.error(e); | |
| 30 res.status(403).send('403 Forbidden'); | |
| 31 return; | |
| 32 } | |
| 33 next(); | |
| 34 }, | |
| 9 express.static('/data'), // serves file content | 35 express.static('/data'), // serves file content |
| 10 serveIndex('/data', { 'icons': true }) // serves dir listings | |
| 11 ) | 36 ) |
| 12 | 37 |
| 13 app.listen(8003) | 38 app.listen(8003) |