|
|
@ -17,19 +17,13 @@ app.use(bodyParser.json()); |
|
|
|
|
|
|
|
// Custom middleware to handle URLs without .html for specific routes
|
|
|
|
app.use((req, res, next) => { |
|
|
|
// Extract the path without any query parameters
|
|
|
|
const urlPath = req.path.split('?')[0]; |
|
|
|
|
|
|
|
// Define routes that should render HTML files without .html extension
|
|
|
|
const htmlRoutes = ['/about', '/list', '/gallery']; |
|
|
|
|
|
|
|
// Check if the requested path is in the htmlRoutes array
|
|
|
|
if (htmlRoutes.includes(urlPath)) { |
|
|
|
// Append .html to the path and continue
|
|
|
|
req.url += '.html'; |
|
|
|
} |
|
|
|
|
|
|
|
// Continue to the next middleware
|
|
|
|
next(); |
|
|
|
}); |
|
|
|
|
|
|
@ -68,17 +62,26 @@ app.post('/api', (req, res) => { |
|
|
|
|
|
|
|
// Verify the secret
|
|
|
|
const hmac = crypto.createHmac('sha256', GITEA_SECRET); |
|
|
|
const digest = `${hmac.update(payload).digest('hex')}`; |
|
|
|
const digest = hmac.update(payload).digest('hex'); |
|
|
|
|
|
|
|
// Ensure both buffers have the same length before comparing
|
|
|
|
const bufferSignature = Buffer.from(signature); |
|
|
|
const bufferDigest = Buffer.from(digest); |
|
|
|
console.log('Signature from Gitea:', signature); |
|
|
|
console.log('Computed digest:', digest); |
|
|
|
|
|
|
|
console.log(bufferDigest.length, bufferSignature.length, signature, digest) |
|
|
|
const bufferSignature = Buffer.from(signature, 'hex'); |
|
|
|
const bufferDigest = Buffer.from(digest, 'hex'); |
|
|
|
|
|
|
|
if (bufferSignature.length === bufferDigest.length && crypto.timingSafeEqual(bufferSignature, bufferDigest)) { |
|
|
|
// Secret is valid, update the repository
|
|
|
|
res.status(200).send('Repository updated successfully'); |
|
|
|
// Optionally, execute a shell command to pull the latest changes
|
|
|
|
exec('git pull', (error, stdout, stderr) => { |
|
|
|
if (error) { |
|
|
|
console.error(`exec error: ${error}`); |
|
|
|
return; |
|
|
|
} |
|
|
|
console.log(`stdout: ${stdout}`); |
|
|
|
console.error(`stderr: ${stderr}`); |
|
|
|
}); |
|
|
|
} else { |
|
|
|
res.status(401).send('Invalid secret'); |
|
|
|
} |
|
|
|