cailean
/
garden
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

buffer update

master
Cailean Finn 4 months ago
parent
b65feef434
commit
0129c2144f
1 changed files with 36 additions and 37 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 73
      server.js

73
server.js
View File

@ -1,19 +1,20 @@
const express = require('express'); const express = require('express');
const path = require('path'); const path = require('path');
const bodyParser = require('body-parser') const bodyParser = require('body-parser');
const crypto = require('crypto') const crypto = require('crypto');
const { exec } = require('child_process') const { exec } = require('child_process');
require('dotenv').config(); require('dotenv').config();
const app = express(); const app = express();
const PORT = process.env.PORT || 3000; const PORT = process.env.PORT || 3000;
const GITEA_SECRET = process.env.GITEA_SECRET; const GITEA_SECRET = process.env.GITEA_SECRET;
console.log('GITEA_SECRET:', process.env.GITEA_SECRET);
// Serve static files from the 'public' directory // Serve static files from the 'public' directory
app.use(express.static(path.join(__dirname, 'public'))); app.use(express.static(path.join(__dirname, 'public')));
// Middleware to parse JSON payloads // Middleware to parse JSON payloads
app.use(bodyParser.json()) app.use(bodyParser.json());
// Custom middleware to handle URLs without .html for specific routes // Custom middleware to handle URLs without .html for specific routes
app.use((req, res, next) => { app.use((req, res, next) => {
@ -59,39 +60,37 @@ app.get('/articles/:articleName', (req, res) => {
// Webhook handler // Webhook handler
app.post('/api', (req, res) => { app.post('/api', (req, res) => {
console.log('hit!'); console.log('hit!');
console.log('GITEA_SECRET:', process.env.GITEA_SECRET); console.log('GITEA_SECRET:', process.env.GITEA_SECRET);
const signature = req.headers['x-gitea-signature']; const signature = req.headers['x-gitea-signature'];
const payload = JSON.stringify(req.body); const payload = JSON.stringify(req.body);
if (!signature || !payload) { if (!signature || !payload) {
return res.status(400).send('Invalid payload or missing signature'); return res.status(400).send('Invalid payload or missing signature');
} }
// Verify the secret // Verify the secret
const hmac = crypto.createHmac('sha256', GITEA_SECRET); const hmac = crypto.createHmac('sha256', GITEA_SECRET);
const digest = `sha256=${hmac.update(payload).digest('hex')}`; const digest = `sha256=${hmac.update(payload).digest('hex')}`;
// Buffer lengths // Ensure both buffers have the same length before comparing
const bufferSignature = Buffer.from(signature); const bufferSignature = Buffer.from(signature);
const bufferDigest = Buffer.from(digest); const bufferDigest = Buffer.from(digest);
console.log(bufferDigest, bufferSignature) if (bufferSignature.length === bufferDigest.length && crypto.timingSafeEqual(bufferSignature, bufferDigest)) {
// Secret is valid, update the repository
if (crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(digest))) { exec('/home/gnome.sh', (err, stdout, stderr) => {
// Secret is valid, update the repository if (err) {
exec('/home/gnome.sh', (err, stdout, stderr) => { console.error(`Error updating repository: ${stderr}`);
if (err) { return res.status(500).send('Server error');
console.error(`Error updating repository: ${stderr}`); }
return res.status(500).send('Server error');
} console.log(`Repository updated: ${stdout}`);
res.status(200).send('Repository updated successfully');
console.log(`Repository updated: ${stdout}`); });
res.status(200).send('Repository updated successfully'); } else {
}); res.status(401).send('Invalid secret');
} else { }
res.status(401).send('Invalid secret');
}
}); });
// Error handling // Error handling

Write Preview
Loading…
Cancel
Save