cailean/garden
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

buffer update

Browse Source
This commit is contained in:
Cailean Finn
2024-06-18 21:10:41 +01:00
parent b65feef434
commit 0129c2144f
1 changed files with 33 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
server.js
View File

@@ -1,19 +1,20 @@
const express = require('express'); const express = require('express');
const path = require('path'); const path = require('path');
const bodyParser = require('body-parser') const bodyParser = require('body-parser');
const crypto = require('crypto') const crypto = require('crypto');
const { exec } = require('child_process') const { exec } = require('child_process');
require('dotenv').config(); require('dotenv').config();
const app = express(); const app = express();
const PORT = process.env.PORT || 3000; const PORT = process.env.PORT || 3000;
const GITEA_SECRET = process.env.GITEA_SECRET; const GITEA_SECRET = process.env.GITEA_SECRET;
console.log('GITEA_SECRET:', process.env.GITEA_SECRET);
// Serve static files from the 'public' directory // Serve static files from the 'public' directory
app.use(express.static(path.join(__dirname, 'public'))); app.use(express.static(path.join(__dirname, 'public')));
// Middleware to parse JSON payloads // Middleware to parse JSON payloads
app.use(bodyParser.json()) app.use(bodyParser.json());
// Custom middleware to handle URLs without .html for specific routes // Custom middleware to handle URLs without .html for specific routes
app.use((req, res, next) => { app.use((req, res, next) => {
@@ -59,39 +60,37 @@ app.get('/articles/:articleName', (req, res) => {
// Webhook handler // Webhook handler
app.post('/api', (req, res) => { app.post('/api', (req, res) => {
console.log('hit!'); console.log('hit!');
console.log('GITEA_SECRET:', process.env.GITEA_SECRET); console.log('GITEA_SECRET:', process.env.GITEA_SECRET);
const signature = req.headers['x-gitea-signature']; const signature = req.headers['x-gitea-signature'];
const payload = JSON.stringify(req.body); const payload = JSON.stringify(req.body);
if (!signature || !payload) { if (!signature || !payload) {
return res.status(400).send('Invalid payload or missing signature'); return res.status(400).send('Invalid payload or missing signature');
} }
// Verify the secret // Verify the secret
const hmac = crypto.createHmac('sha256', GITEA_SECRET); const hmac = crypto.createHmac('sha256', GITEA_SECRET);
const digest = `sha256=${hmac.update(payload).digest('hex')}`; const digest = `sha256=${hmac.update(payload).digest('hex')}`;
// Buffer lengths // Ensure both buffers have the same length before comparing
const bufferSignature = Buffer.from(signature); const bufferSignature = Buffer.from(signature);
const bufferDigest = Buffer.from(digest); const bufferDigest = Buffer.from(digest);
console.log(bufferDigest, bufferSignature) if (bufferSignature.length === bufferDigest.length && crypto.timingSafeEqual(bufferSignature, bufferDigest)) {
// Secret is valid, update the repository
exec('/home/gnome.sh', (err, stdout, stderr) => {
if (err) {
console.error(`Error updating repository: ${stderr}`);
return res.status(500).send('Server error');
}
if (crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(digest))) { console.log(`Repository updated: ${stdout}`);
// Secret is valid, update the repository res.status(200).send('Repository updated successfully');
exec('/home/gnome.sh', (err, stdout, stderr) => { });
if (err) { } else {
console.error(`Error updating repository: ${stderr}`); res.status(401).send('Invalid secret');
return res.status(500).send('Server error'); }
}
console.log(`Repository updated: ${stdout}`);
res.status(200).send('Repository updated successfully');
});
} else {
res.status(401).send('Invalid secret');
}
}); });
// Error handling // Error handling