Closed ycruzb closed 6 years ago
lpinca
commented
6 years ago Hi, no it doesn't as it's out of the scope of the module and it depends on what framework you are using on your server.
function verifyWebhook(reqBody, hmacHeader) {
const digest = crypto.createHmac('sha256', sharedSecret)
.update(reqBody)
.digest('base64');
return digest === hmacHeader;
}
ycruzb
commented
6 years ago Hi @lpinca, I'm using ExpressJS.
lpinca
commented
6 years ago @ycruzb you can write a middleware like this and use it in your webhook handlers.
ycruzb
commented
6 years ago Thanks @lpinca. I'll use it and I'll let you know.
ycruzb
commented
6 years ago Hi again @lpinca. How can I get the reqBody and hmacHeader params ? I have been proving the method but I only get errors.
lpinca
commented
6 years ago See https://github.com/MONEI/Shopify-api-node/issues/133#issuecomment-317722399, reqBody is the request body and hmacHeader the x-shopify-hmac-sha256 header field value.
ycruzb
commented
6 years ago Thanks again @lpinca. I have tested this middleware in my project and I always receive a Request timeout response from the server. What do you think about it ?
lpinca
commented
6 years ago I don't know, I'm sorry but I can't debug this for you.
ycruzb
commented
6 years ago ok, I can understand ;) I'll trying to resolve this problem. I also want to thank you because this shopify api module works great. I'll close the issue because it is not related to the module itself.
Regards
lpinca
commented
6 years ago Thank you.
Hi all. Does this module provides a mechanism for webhook validation ?