Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Coinbase Commerce Python Validation
@coinbase_bp.route('/service/coinbase/hook', methods=['GET', 'POST', 'UPDATE', 'DELETE'], name='coinbase_hook', version=1)
async def webhook(request):
secret = request.app.config.COINBASE_WEBHOOK_SHARED_SECRET
payload = request.json
if not payload.get('event'):
return response.json(dict(
code=200, # We need coinbase to stop sending this message wether its valid or not
message='Invalid Event'
))
sig_header = request.headers.get('X-CC-Webhook-Signature', None)
if not sig_header:
return response.json(dict(
code=200,
message='Missing signature'
))
sig = hmac.new(
secret.encode(),
msg=payload.encode(),
digestmod=sha256
)
computed_sig = sig.hexdigest()
if computed_sig != sig_header:
return response.json(dict(
code=200,
message='Invalid signature'
))
else:
# process event
pass
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment