gjohnson/mandrill-verify.js

## mandrill-verify.js
var crypto = require('crypto');
var assert = require('assert');
var debug = require('debug')('mandrill-verify');

module.exports = function (config) {
  assert(config, 'missing config');
  assert(config.secret, 'missing secret')
  assert(config.url, 'missing url');

  return function (req, res, next) {
    var key = 'mandrill_events';
    var thiers = req.get('x-mandrill-signature');
    var ours = crypto
      .createHmac('sha1', config.secret)
      .update(config.url)
      .update(key)
      .update(req.body[key])
      .digest('base64');

    if (thiers !== ours) {
      debug('unauthorized');
      res.send(401);
    } else {
      debug('authorized');
      next();
    }
  };
};
	var crypto = require('crypto');
	var assert = require('assert');
	var debug = require('debug')('mandrill-verify');

	module.exports = function (config) {
	assert(config, 'missing config');
	assert(config.secret, 'missing secret')
	assert(config.url, 'missing url');

	return function (req, res, next) {
	var key = 'mandrill_events';
	var thiers = req.get('x-mandrill-signature');
	var ours = crypto
	.createHmac('sha1', config.secret)
	.update(config.url)
	.update(key)
	.update(req.body[key])
	.digest('base64');

	if (thiers !== ours) {
	debug('unauthorized');
	res.send(401);
	} else {
	debug('authorized');
	next();
	}
	};
	};