Skip to content

Instantly share code, notes, and snippets.

Last active May 2, 2020 07:17
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save morph027/ef6323ad8f22c744c8261811ab209159 to your computer and use it in GitHub Desktop.
#!/usr/bin/env python3
# pip install sanic
import codecs
import hashlib
import hmac
import os
import sys
from sanic import Sanic
from sanic.response import HTTPResponse
from sanic.log import logger
from ujson import dumps
app = Sanic(name='newreleases_hook')
@app.route('/', methods=['GET', 'POST'])
async def newreleases_hook(request):
if (request.body and request.headers.get('x-newreleases-signature')
and request.headers.get('x-newreleases-timestamp')):
msg = request.headers.get(
'x-newreleases-timestamp').encode() + b'.' + request.body
sig_computed =
config.get('newreleases', {}).get('secret').encode(),
sig_received = codecs.decode(
request.headers.get('x-newreleases-signature'), 'hex')
if hmac.compare_digest(sig_received, sig_computed):
# alright, signature verified
# add your stuff right here
# and don't forget to return a sane response
return HTTPResponse(dumps({'success': True}),
return HTTPResponse(
dumps({'success': False}),
if __name__ == '__main__':
secret = os.environ.get('NEWRELEASES_IO_WEBHOOK_SECRET')
if not secret:
sys.exit(1)'', port=8000)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment