Closed ycruzb closed 6 years ago
Hi, no it doesn't as it's out of the scope of the module and it depends on what framework you are using on your server.
function verifyWebhook(reqBody, hmacHeader) {
const digest = crypto.createHmac('sha256', sharedSecret)
.update(reqBody)
.digest('base64');
return digest === hmacHeader;
}
Hi @lpinca, I'm using ExpressJS.
@ycruzb you can write a middleware like this and use it in your webhook handlers.
Thanks @lpinca. I'll use it and I'll let you know.
Hi again @lpinca. How can I get the reqBody and hmacHeader params ? I have been proving the method but I only get errors.
See https://github.com/MONEI/Shopify-api-node/issues/133#issuecomment-317722399, reqBody
is the request body and hmacHeader
the x-shopify-hmac-sha256
header field value.
Thanks again @lpinca. I have tested this middleware in my project and I always receive a Request timeout response from the server. What do you think about it ?
I don't know, I'm sorry but I can't debug this for you.
ok, I can understand ;) I'll trying to resolve this problem. I also want to thank you because this shopify api module works great. I'll close the issue because it is not related to the module itself.
Regards
Thank you.
Hi all. Does this module provides a mechanism for webhook validation ?