Created
July 1, 2022 20:19
-
-
Save lobot/f3032563cc8a4ac9d4b37676fb6c930f to your computer and use it in GitHub Desktop.
webhook-ts-index-ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import * as Koa from "koa" | |
| import * as Router from "koa-router" | |
| import * as bodyParser from "koa-bodyparser" | |
| import * as crypto from "crypto" | |
| const app = new Koa() | |
| const router = new Router() | |
| router.post("/webhooks", async(ctx, next) => { | |
| const { rawBody, headers } = ctx.request; | |
| const secret = "secret" | |
| const lobSignature = headers['lob-signature']; | |
| const lobSignatureTimestamp = headers['lob-signature-timestamp']; | |
| const content = `${lobSignatureTimestamp}.${rawBody}` | |
| const hmac = crypto.createHmac('sha256', secret).update(content).digest('hex'); | |
| if (lobSignature === hmac) { | |
| console.log('Signature passed! This is from Lob!'); | |
| console.log(rawBody); | |
| ctx.status = 200; | |
| } else { | |
| // If this happens someone who is not Lob is sending you a webhook | |
| console.log('Signature failed. Webhook might not be from Lob or you have misconfigured something...'); | |
| ctx.status = 401; | |
| } | |
| await next() | |
| }) | |
| app.use(bodyParser()); | |
| app.use(router.routes()).use(router.allowedMethods()) | |
| app.listen(3000, () => { | |
| console.log("Koa started") | |
| }) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment