hmac

server.js

@@ -59,7 +59,6 @@ app.get('/articles/:articleName', (req, res) => {
 
 // Webhook handler
 app.post('/api', (req, res) => {
-  console.log(req)
   const signature = req.headers['x-gitea-signature'];
   const payload = JSON.stringify(req.body);
 
@@ -75,11 +74,11 @@ app.post('/api', (req, res) => {
   const bufferSignature = Buffer.from(signature);
   const bufferDigest = Buffer.from(digest);
 
-  console.log(bufferDigest.length, bufferSignature.length)
+  console.log(bufferDigest.length, bufferSignature.length, hmac, digest)
 
   if (bufferSignature.length === bufferDigest.length && crypto.timingSafeEqual(bufferSignature, bufferDigest)) {
     // Secret is valid, update the repository
-      res.status(200).send('Repository updated successfully');
+    res.status(200).send('Repository updated successfully');
   } else {
     res.status(401).send('Invalid secret');
   }