added api webhook for testing

server.js

@@ -1,12 +1,20 @@
 const express = require('express');
 const path = require('path');
+const bodyParser = require('body-parser')
+const crypto = require('crypto')
+const { exec } = require('child_process')
+require('dotenv').config();
 
 const app = express();
 const PORT = process.env.PORT || 3000;
+const GITEA_SECRET = process.env.GITEA_SECRET;
 
 // Serve static files from the 'public' directory
 app.use(express.static(path.join(__dirname, 'public')));
 
+// Middleware to parse JSON payloads
+app.use(bodyParser.json())
+
 // Custom middleware to handle URLs without .html for specific routes
 app.use((req, res, next) => {
   // Extract the path without any query parameters
@@ -49,6 +57,35 @@ app.get('/articles/:articleName', (req, res) => {
   res.sendFile(path.join(__dirname, 'public/articles', `${articleName}.html`));
 });
 
+// Webhook handler
+app.post('/api', (req, res) => {
+	const signature = req.headers['x-gitea-signature'];
+	const payload = JSON.stringify(req.body);
+  
+	if (!signature || !payload) {
+	  return res.status(400).send('Invalid payload or missing signature');
+	}
+  
+	// Verify the secret
+	const hmac = crypto.createHmac('sha256', GITEA_SECRET);
+	const digest = `sha256=${hmac.update(payload).digest('hex')}`;
+  
+	if (crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(digest))) {
+	  // Secret is valid, update the repository
+	  exec('/home/gnome.sh', (err, stdout, stderr) => {
+		if (err) {
+		  console.error(`Error updating repository: ${stderr}`);
+		  return res.status(500).send('Server error');
+		}
+  
+		console.log(`Repository updated: ${stdout}`);
+		res.status(200).send('Repository updated successfully');
+	  });
+	} else {
+	  res.status(401).send('Invalid secret');
+	}
+});
+
 // Error handling
 app.use((err, req, res, next) => {
   console.error(err.stack);