Validate hookdeck webhooks
This commit is contained in:
@@ -4,3 +4,4 @@ NUXT_SESSION_PASSWORD=
|
|||||||
NUXT_WEBHOOKS_URL=
|
NUXT_WEBHOOKS_URL=
|
||||||
NUXT_STRAVA_VERIFY_TOKEN=
|
NUXT_STRAVA_VERIFY_TOKEN=
|
||||||
NUXT_HUB_PROJECT_KEY=
|
NUXT_HUB_PROJECT_KEY=
|
||||||
|
NUXT_HOOKDECK_KEY=
|
||||||
|
|||||||
@@ -11,6 +11,7 @@ export default defineNuxtConfig({
|
|||||||
runtimeConfig: {
|
runtimeConfig: {
|
||||||
webhooksUrl: "",
|
webhooksUrl: "",
|
||||||
stravaVerifyToken: "",
|
stravaVerifyToken: "",
|
||||||
|
hookdeckKey: "",
|
||||||
openaiApiKey: "",
|
openaiApiKey: "",
|
||||||
databaseUrl: "",
|
databaseUrl: "",
|
||||||
public: {
|
public: {
|
||||||
|
|||||||
@@ -1,6 +1,8 @@
|
|||||||
import { createActivityContent } from "~~/server/utils/create-content";
|
import { createActivityContent } from "~~/server/utils/create-content";
|
||||||
|
|
||||||
export default defineEventHandler(async (event) => {
|
export default defineEventHandler(async (event) => {
|
||||||
|
await validateHookdeck(event);
|
||||||
|
|
||||||
const body = await readBody(event);
|
const body = await readBody(event);
|
||||||
const db = useDrizzle();
|
const db = useDrizzle();
|
||||||
|
|
||||||
|
|||||||
@@ -2,6 +2,8 @@ import { get } from "radash";
|
|||||||
import { eq } from "drizzle-orm";
|
import { eq } from "drizzle-orm";
|
||||||
|
|
||||||
export default defineEventHandler(async (event) => {
|
export default defineEventHandler(async (event) => {
|
||||||
|
await validateHookdeck(event);
|
||||||
|
|
||||||
const body = await readBody(event);
|
const body = await readBody(event);
|
||||||
const db = useDrizzle();
|
const db = useDrizzle();
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +1,9 @@
|
|||||||
import { get } from "radash";
|
import { get } from "radash";
|
||||||
|
|
||||||
export default defineEventHandler(async (event) => {
|
export default defineEventHandler(async (event) => {
|
||||||
|
await validateHookdeck(event);
|
||||||
|
|
||||||
|
const config = useRuntimeConfig();
|
||||||
const body = await readBody(event);
|
const body = await readBody(event);
|
||||||
|
|
||||||
const aspectType = get(body, "aspect_type");
|
const aspectType = get(body, "aspect_type");
|
||||||
@@ -9,5 +12,8 @@ export default defineEventHandler(async (event) => {
|
|||||||
await $fetch(`/webhooks/strava/${objectType}-${aspectType}`, {
|
await $fetch(`/webhooks/strava/${objectType}-${aspectType}`, {
|
||||||
method: "post",
|
method: "post",
|
||||||
body,
|
body,
|
||||||
|
headers: {
|
||||||
|
"X-Hookdeck-Key": config.hookdeckKey,
|
||||||
|
},
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|||||||
19
server/utils/hookdeck-validation.ts
Normal file
19
server/utils/hookdeck-validation.ts
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
import type { H3Event } from "h3";
|
||||||
|
import { isEmpty } from "radash";
|
||||||
|
|
||||||
|
export const validateHookdeck = async (event: H3Event) => {
|
||||||
|
const hookdeckKeyHeader = getHeader(event, "X-Hookdeck-Key");
|
||||||
|
const config = useRuntimeConfig();
|
||||||
|
|
||||||
|
if (isEmpty(hookdeckKeyHeader)) {
|
||||||
|
throw createError({
|
||||||
|
status: 401,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
if (hookdeckKeyHeader !== config.hookdeckKey) {
|
||||||
|
throw createError({
|
||||||
|
status: 401,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
};
|
||||||
Reference in New Issue
Block a user