Securing your webhook.
function generateHmacKey(secret, payload) { return crypto.createHmac("sha256", secret).update(payload).digest("hex"); } const webhookKey = generateHmacKey(secretKey, "leaning tower of pisa");
const webhookUrl = "https://your-domain.com/webhook?webhookKey=${webhookKey}";
const endpoint = "https://api.jigsawstack.com/v1/ai/transcribe"; const options = { method: "POST", headers: { "Content-Type": "application/json", "x-api-key": "<your-api-key>", // Replace with your actual API key. }, body: JSON.stringify({ url: "https://rogilvkqloanxtvjfrkm.supabase.co/storage/v1/object/public/demo/Video%201737458382653833217.mp4?t=2024-03-22T09%3A50%3A49.894Z", webhook_url: webhookUrl, // Replace with your actual webhook URL. }), }; const result = await fetch(endpoint, options); const data = await result.json();
app.post("/webhook", (req, res) => { const receivedHmac = req.query["webhookKey"]; // Generate HMAC const generatedHmac = generateHmacKey(secretKey, "learning tower of pisa"); // Verify the HMAC if (receivedHmac === generatedHmac) { console.log("Webhook verified and processed:", req.body); res.status(200).send("Webhook verified and processed"); } else { console.log("Webhook verification failed"); res.status(401).send("Webhook verification failed"); } });
Was this page helpful?