Allow enable/disabling event integrity check, if the event api is not exposing to public but rather using only internally

isuru89 / oasis

Open-source PBML (Points, Badges, Milestones, Leaderboards) Gamification Platform inspiring Stackoveflow

Apache License 2.0

44 stars 6 forks source link

Allow enable/disabling event integrity check, if the event api is not exposing to public but rather using only internally #110

Closed isuru89 closed 2 years ago

isuru89 commented 2 years ago

Currently event API uses strict payload integrity check based on the key generated at the event source registration in admin api. However, this is an overkill if the event api is not exposing to outside networks/applications, but rather using only by internal services/applications. Therefore, it is better to allow enabling/disabling this integrity check at deployment level using a configuration, so that it will be easier to use by internal apps.

isuru89 commented 2 years ago

Introduced a new option in event-api.conf file called skipEventIntegrityCheck to enable/disable integrity check.