Closed abunner closed 8 years ago
Looking through the Messenger platform's official sample, they use the app secret to validate that each requests actually comes from Facebook before processing it
https://github.com/fbsamples/messenger-platform-samples/blob/master/node/app.js
See the verifyRequestSignature function in app.js
Seems like a good addition to this library
@abunner thanks for the suggestion, I think this commit should do the job
Looking through the Messenger platform's official sample, they use the app secret to validate that each requests actually comes from Facebook before processing it
https://github.com/fbsamples/messenger-platform-samples/blob/master/node/app.js
See the verifyRequestSignature function in app.js
Seems like a good addition to this library