Open SkyfallWasTaken opened 2 years ago
Hey! 👋 Thanks for the PR! I'm still a little bit confused why you need this though. Discord's API docs state that "you must validate the request each time you receive an interaction".
Could you get around this by writing a custom fetch
handler?
const slshxHandler = createHandler({ ... });
export default {
async fetch(request, env, ctx) {
if(request.url === "..." /* or any other conditions on request */) {
// Only perform request validation here
return slshxHandler(request, env, ctx);
}
return new Response("Bad Request", { status: 400 });
},
};
What I'm trying to do is verify the signatures myself so that I can do some logic before handling the interaction, a custom fetch handler would either be spoofable (it's run for each initial user) or perform signature validation twice
Sometimes, it's useful to skip key validation for some reason (for example, I'm validating keys and creating a cooldown system for commands) This PR adds an option to do just that. Haven't tested it out yet, but IMO it should work.