mirror of https://git.sr.ht/~sircmpwn/hub.sr.ht
webhooks: verify payload signature
parent
a32c72e135
commit
e8d313356c
|
@ -6,6 +6,7 @@ from hubsrht.types import Event, EventType, MailingList, SourceRepo, RepoType
|
|||
from hubsrht.types import Tracker, User, Visibility
|
||||
from hubsrht.services import todo
|
||||
from srht.config import get_origin
|
||||
from srht.crypto import verify_request_signature
|
||||
from srht.database import db
|
||||
from srht.flask import csrf_bypass
|
||||
from urllib.parse import quote
|
||||
|
@ -21,7 +22,7 @@ _listssrht = get_origin("lists.sr.ht", external=True, default=None)
|
|||
@webhooks.route("/webhooks/git-user/<int:user_id>", methods=["POST"])
|
||||
def git_user(user_id):
|
||||
event = request.headers.get("X-Webhook-Event")
|
||||
payload = json.loads(request.data.decode("utf-8"))
|
||||
payload = verify_request_signature(request)
|
||||
user = User.query.get(user_id)
|
||||
if not user:
|
||||
return "I don't recognize this user.", 404
|
||||
|
@ -58,7 +59,7 @@ def git_user(user_id):
|
|||
@webhooks.route("/webhooks/git-repo/<int:repo_id>", methods=["POST"])
|
||||
def git_repo(repo_id):
|
||||
event = request.headers.get("X-Webhook-Event")
|
||||
payload = json.loads(request.data.decode("utf-8"))
|
||||
payload = verify_request_signature(request)
|
||||
repo = SourceRepo.query.get(repo_id)
|
||||
if not repo:
|
||||
return "I don't recognize that repository.", 404
|
||||
|
@ -100,7 +101,7 @@ def git_repo(repo_id):
|
|||
@webhooks.route("/webhooks/hg-user/<int:user_id>", methods=["POST"])
|
||||
def hg_user(user_id):
|
||||
event = request.headers.get("X-Webhook-Event")
|
||||
payload = json.loads(request.data.decode("utf-8"))
|
||||
payload = verify_request_signature(request)
|
||||
user = User.query.get(user_id)
|
||||
if not user:
|
||||
return "I don't recognize this user.", 404
|
||||
|
@ -137,7 +138,7 @@ def hg_user(user_id):
|
|||
@webhooks.route("/webhooks/mailing-list/<list_id>", methods=["POST"])
|
||||
def mailing_list(list_id):
|
||||
event = request.headers.get("X-Webhook-Event")
|
||||
payload = json.loads(request.data.decode("utf-8"))
|
||||
payload = verify_request_signature(request)
|
||||
ml = MailingList.query.get(list_id)
|
||||
if not ml:
|
||||
return "I don't recognize that mailing list.", 404
|
||||
|
@ -192,7 +193,7 @@ def mailing_list(list_id):
|
|||
@webhooks.route("/webhooks/todo-user/<int:user_id>", methods=["POST"])
|
||||
def todo_user(user_id):
|
||||
event = request.headers.get("X-Webhook-Event")
|
||||
payload = json.loads(request.data.decode("utf-8"))
|
||||
payload = verify_request_signature(request)
|
||||
|
||||
user = User.query.get(user_id)
|
||||
if not user:
|
||||
|
@ -230,7 +231,7 @@ def todo_user(user_id):
|
|||
@webhooks.route("/webhooks/todo-tracker/<int:tracker_id>", methods=["POST"])
|
||||
def todo_tracker(tracker_id):
|
||||
event = request.headers.get("X-Webhook-Event")
|
||||
payload = json.loads(request.data.decode("utf-8"))
|
||||
payload = verify_request_signature(request)
|
||||
|
||||
tracker = Tracker.query.get(tracker_id)
|
||||
if not tracker:
|
||||
|
@ -276,7 +277,7 @@ def todo_tracker(tracker_id):
|
|||
@webhooks.route("/webhooks/todo-ticket/<int:tracker_id>/ticket", methods=["POST"])
|
||||
def todo_ticket(tracker_id):
|
||||
event = request.headers.get("X-Webhook-Event")
|
||||
payload = json.loads(request.data.decode("utf-8"))
|
||||
payload = verify_request_signature(request)
|
||||
|
||||
tracker = Tracker.query.get(tracker_id)
|
||||
if not tracker:
|
||||
|
|
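Review bot: In all seven handlers, starting with `git_user`, `event` is still read from the `X-Webhook-Event` header and the target record is still chosen by the URL id (for example `User.query.get(user_id)`), and nothing visible in these hunks ties either value to the payload that `verify_request_signature(request)` has just authenticated. If the helper signs only the request body (it is imported from `srht.crypto` and not shown here), a validly signed delivery would also be accepted under a different route id or event header, so each handler should compare the id carried in the payload with the looked-up record before acting on it. A comment next to the call would make the boundary explicit, e.g. `# event and user_id come from the header/URL, not the signed body; cross-check against payload before use`. The same line also drops the earlier `json.loads(...)` step, so it is worth confirming that the helper returns the parsed object rather than raw bytes, and what it does on a bad signature. The handler bodies continue outside the hunks, so some of these checks may already exist further down.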