change
This commit is contained in:
64
server.js
64
server.js
@@ -12,8 +12,12 @@ const GITEA_SECRET = "123";
|
|||||||
// Serve static files from the 'public' directory
|
// Serve static files from the 'public' directory
|
||||||
app.use(express.static(path.join(__dirname, 'public')));
|
app.use(express.static(path.join(__dirname, 'public')));
|
||||||
|
|
||||||
// Middleware to parse JSON payloads
|
// Middleware to capture raw body
|
||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json({
|
||||||
|
verify: (req, res, buf, encoding) => {
|
||||||
|
req.rawBody = buf.toString(encoding || 'utf8');
|
||||||
|
}
|
||||||
|
}));
|
||||||
|
|
||||||
// Custom middleware to handle URLs without .html for specific routes
|
// Custom middleware to handle URLs without .html for specific routes
|
||||||
app.use((req, res, next) => {
|
app.use((req, res, next) => {
|
||||||
@@ -53,38 +57,40 @@ app.get('/articles/:articleName', (req, res) => {
|
|||||||
|
|
||||||
// Webhook handler
|
// Webhook handler
|
||||||
app.post('/api', (req, res) => {
|
app.post('/api', (req, res) => {
|
||||||
const signature = req.headers['x-gitea-signature'];
|
const signature = req.headers['x-gitea-signature'];
|
||||||
const payload = JSON.stringify(req.body);
|
const payload = req.rawBody;
|
||||||
|
|
||||||
if (!signature || !payload) {
|
if (!signature || !payload) {
|
||||||
return res.status(400).send('Invalid payload or missing signature');
|
return res.status(400).send('Invalid payload or missing signature');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Verify the secret
|
// Verify the secret
|
||||||
const hmac = crypto.createHmac('sha256', GITEA_SECRET);
|
const hmac = crypto.createHmac('sha256', GITEA_SECRET);
|
||||||
const digest = hmac.update(payload).digest('hex');
|
const digest = hmac.update(payload).digest('hex');
|
||||||
|
|
||||||
console.log('Signature from Gitea:', signature);
|
console.log('Signature from Gitea:', signature);
|
||||||
console.log('Computed digest:', digest);
|
console.log('Computed digest:', digest);
|
||||||
|
console.log('Payload:', payload);
|
||||||
|
console.log('Secret:', GITEA_SECRET);
|
||||||
|
|
||||||
const bufferSignature = Buffer.from(signature, 'hex');
|
const bufferSignature = Buffer.from(signature, 'hex');
|
||||||
const bufferDigest = Buffer.from(digest, 'hex');
|
const bufferDigest = Buffer.from(digest, 'hex');
|
||||||
|
|
||||||
if (bufferSignature.length === bufferDigest.length && crypto.timingSafeEqual(bufferSignature, bufferDigest)) {
|
if (bufferSignature.length === bufferDigest.length && crypto.timingSafeEqual(bufferSignature, bufferDigest)) {
|
||||||
// Secret is valid, update the repository
|
// Secret is valid, update the repository
|
||||||
res.status(200).send('Repository updated successfully');
|
res.status(200).send('Repository updated successfully');
|
||||||
// Optionally, execute a shell command to pull the latest changes
|
// Optionally, execute a shell command to pull the latest changes
|
||||||
exec('git pull', (error, stdout, stderr) => {
|
exec('git pull', (error, stdout, stderr) => {
|
||||||
if (error) {
|
if (error) {
|
||||||
console.error(`exec error: ${error}`);
|
console.error(`exec error: ${error}`);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
console.log(`stdout: ${stdout}`);
|
console.log(`stdout: ${stdout}`);
|
||||||
console.error(`stderr: ${stderr}`);
|
console.error(`stderr: ${stderr}`);
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
res.status(401).send('Invalid secret');
|
res.status(401).send('Invalid secret');
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
// Error handling
|
// Error handling
|
||||||
|
|||||||
Reference in New Issue
Block a user