send/server/routes/metadata.js
2018-02-05 16:37:06 -08:00

32 lines
1,004 B
JavaScript

const storage = require('../storage');
const crypto = require('crypto');
module.exports = async function(req, res) {
const id = req.params.id;
try {
const auth = req.header('Authorization').split(' ')[1];
const meta = await storage.metadata(id);
const hmac = crypto.createHmac('sha256', Buffer.from(meta.auth, 'base64'));
hmac.update(Buffer.from(meta.nonce, 'base64'));
const verifyHash = hmac.digest();
if (!verifyHash.equals(Buffer.from(auth, 'base64'))) {
res.set('WWW-Authenticate', `send-v1 ${meta.nonce}`);
return res.sendStatus(401);
}
const nonce = crypto.randomBytes(16).toString('base64');
storage.setField(id, 'nonce', nonce);
res.set('WWW-Authenticate', `send-v1 ${nonce}`);
const size = await storage.length(id);
const ttl = await storage.ttl(id);
res.send({
metadata: meta.metadata,
finalDownload: +meta.dl + 1 === +meta.dlimit,
size,
ttl
});
} catch (e) {
res.sendStatus(404);
}
};