Open marine44 opened 10 years ago
@ryanharnwell I'd like to do this and will take a look once I finish extracting the adapter and they take my PR.
I'd be interested in this too. The incoming
gem does something similar (here's their implementation)
@bradpauly Have you thought any further about adding this in? Nice work so far by the way!
@ryanharnwell I'm afraid I haven't had time yet, although I'm still interested in it.
@ryanharnwell @dmarkow have either of you implemented this check? I've just added it to an app, but I don't use the built-in routes from griddler so I didn't take the approach of overriding the Griddler::EmailsController. I'm not sure putting this in the adapter is I want to do, but I'm open to discussing.
@bradpauly I haven't touched our griddler/mailgun code since last year but I may be revisiting it soon for an upcoming project and can give it some thought.
@bradpauly thank you for your work with this adapter. Have you made any decision to implement validation?
@stefanosc I'm checking the signature in my app, but I haven't looked into putting it into the adapter yet. I'm not using the built-in routes from griddler so I haven't tried subclassing its controller. There are other examples around, but here's how I'm doing it if you're interested:
require 'openssl'
class Mailgun::BaseController < ApplicationController
before_filter :verify_webhook
private
def verify_webhook
api_key = YOUR_API_KEY
digest = OpenSSL::Digest::SHA256.new
data = [params[:timestamp], params[:token]].join
computed_signature = OpenSSL::HMAC.hexdigest(digest, api_key, data)
if params[:signature] != computed_signature
render text:'ERROR', status: :forbidden
end
end
end
Thank you @bradpauly To be honest I don't think I am going to use Griddler either. I don't really have a use for the project I am working on. The business logic for now is rather simple. Thank you for sharing how you do it, have a great day :smile:
Brad - nice work taking on this project!
Just thought I would bring this feature request to your attention so that you might consider implementing it in the mailgun adapter:
https://github.com/thoughtbot/griddler/issues/139
(I did not make any further progress past the end of this thread, it's a but beyond my skillset)