Open letruonglamit opened 4 months ago
I think we need to have something for verification the event like this
app.post('/webhook', (req, res) => { const event = req.body; // Verify the event (implement verification logic if necessary) if (!verifyMangopaySignature(req)) { return res.status(400).send({ status: 'error', message: 'Invalid signature' }); } }) function verifyMangopaySignature(req) { const signature = req.headers['x-request-signature']; const body = JSON.stringify(req.body); const secretKey = 'your_mangopay_secret_key'; // Replace with your actual secret key const hash = crypto .createHmac('sha256', secretKey) .update(body) .digest('hex'); return signature === hash; }
I think we need to have something for verification the event like this