-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
45 lines (34 loc) · 1.19 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
import express from 'express';
import hmacSHA256 from 'crypto-js/hmac-sha256.js';
import Base64 from 'crypto-js/enc-base64.js';
import bodyParser from 'body-parser';
const port = process.env.PORT || 3030
const secret = process.env.SECRET || 'dRHYfeXcdNmDmdOI3TWwT4RN'
const digest = (body, secret) => {
const sig = hmacSHA256(body, secret);
return sig.toString()
}
const app = express()
const options = {inflate: true, type: ['application/json', 'text/html']};
app.use(bodyParser.raw(options));
app.use(function (req, res, next) {
const identifoDigest = req.headers.digest || ''
const signature = identifoDigest.substr('SHA-256='.length)
const expectedSignature = digest(req.body.toString(), secret)
if (signature === expectedSignature) {
next()
} else {
res.status(403).send("Request digest signature is invalid.");
}
})
app.post('/', (req, res) => {
const j = JSON.parse(req.body.toString())
if (j.user_id === 'abcdef') {
res.json({test: `passed for special user absdef`})
} else {
res.json({test: `passed`})
}
})
app.listen(port, () => {
console.log(`Example app listening at http://localhost:${port}`)
})