buffer update
This commit is contained in:
63
server.js
63
server.js
@@ -1,19 +1,20 @@
|
||||
const express = require('express');
|
||||
const path = require('path');
|
||||
const bodyParser = require('body-parser')
|
||||
const crypto = require('crypto')
|
||||
const { exec } = require('child_process')
|
||||
const bodyParser = require('body-parser');
|
||||
const crypto = require('crypto');
|
||||
const { exec } = require('child_process');
|
||||
require('dotenv').config();
|
||||
|
||||
const app = express();
|
||||
const PORT = process.env.PORT || 3000;
|
||||
const GITEA_SECRET = process.env.GITEA_SECRET;
|
||||
console.log('GITEA_SECRET:', process.env.GITEA_SECRET);
|
||||
|
||||
// Serve static files from the 'public' directory
|
||||
app.use(express.static(path.join(__dirname, 'public')));
|
||||
|
||||
// Middleware to parse JSON payloads
|
||||
app.use(bodyParser.json())
|
||||
app.use(bodyParser.json());
|
||||
|
||||
// Custom middleware to handle URLs without .html for specific routes
|
||||
app.use((req, res, next) => {
|
||||
@@ -59,39 +60,37 @@ app.get('/articles/:articleName', (req, res) => {
|
||||
|
||||
// Webhook handler
|
||||
app.post('/api', (req, res) => {
|
||||
console.log('hit!');
|
||||
console.log('GITEA_SECRET:', process.env.GITEA_SECRET);
|
||||
const signature = req.headers['x-gitea-signature'];
|
||||
const payload = JSON.stringify(req.body);
|
||||
console.log('hit!');
|
||||
console.log('GITEA_SECRET:', process.env.GITEA_SECRET);
|
||||
const signature = req.headers['x-gitea-signature'];
|
||||
const payload = JSON.stringify(req.body);
|
||||
|
||||
if (!signature || !payload) {
|
||||
return res.status(400).send('Invalid payload or missing signature');
|
||||
}
|
||||
if (!signature || !payload) {
|
||||
return res.status(400).send('Invalid payload or missing signature');
|
||||
}
|
||||
|
||||
// Verify the secret
|
||||
const hmac = crypto.createHmac('sha256', GITEA_SECRET);
|
||||
const digest = `sha256=${hmac.update(payload).digest('hex')}`;
|
||||
// Verify the secret
|
||||
const hmac = crypto.createHmac('sha256', GITEA_SECRET);
|
||||
const digest = `sha256=${hmac.update(payload).digest('hex')}`;
|
||||
|
||||
// Buffer lengths
|
||||
const bufferSignature = Buffer.from(signature);
|
||||
const bufferDigest = Buffer.from(digest);
|
||||
// Ensure both buffers have the same length before comparing
|
||||
const bufferSignature = Buffer.from(signature);
|
||||
const bufferDigest = Buffer.from(digest);
|
||||
|
||||
console.log(bufferDigest, bufferSignature)
|
||||
if (bufferSignature.length === bufferDigest.length && crypto.timingSafeEqual(bufferSignature, bufferDigest)) {
|
||||
// Secret is valid, update the repository
|
||||
exec('/home/gnome.sh', (err, stdout, stderr) => {
|
||||
if (err) {
|
||||
console.error(`Error updating repository: ${stderr}`);
|
||||
return res.status(500).send('Server error');
|
||||
}
|
||||
|
||||
if (crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(digest))) {
|
||||
// Secret is valid, update the repository
|
||||
exec('/home/gnome.sh', (err, stdout, stderr) => {
|
||||
if (err) {
|
||||
console.error(`Error updating repository: ${stderr}`);
|
||||
return res.status(500).send('Server error');
|
||||
}
|
||||
|
||||
console.log(`Repository updated: ${stdout}`);
|
||||
res.status(200).send('Repository updated successfully');
|
||||
});
|
||||
} else {
|
||||
res.status(401).send('Invalid secret');
|
||||
}
|
||||
console.log(`Repository updated: ${stdout}`);
|
||||
res.status(200).send('Repository updated successfully');
|
||||
});
|
||||
} else {
|
||||
res.status(401).send('Invalid secret');
|
||||
}
|
||||
});
|
||||
|
||||
// Error handling
|
||||
|
||||
Reference in New Issue
Block a user