Consider Implementing Validation #1
Comments
|
@ryanharnwell I'd like to do this and will take a look once I finish extracting the adapter and they take my PR. |
|
I'd be interested in this too. The |
|
@bradpauly Have you thought any further about adding this in? Nice work so far by the way! |
|
@ryanharnwell I'm afraid I haven't had time yet, although I'm still interested in it. |
|
@ryanharnwell @dmarkow have either of you implemented this check? I've just added it to an app, but I don't use the built-in routes from griddler so I didn't take the approach of overriding the Griddler::EmailsController. I'm not sure putting this in the adapter is I want to do, but I'm open to discussing. |
|
@bradpauly I haven't touched our griddler/mailgun code since last year but I may be revisiting it soon for an upcoming project and can give it some thought. |
|
@bradpauly thank you for your work with this adapter. |
|
@stefanosc I'm checking the signature in my app, but I haven't looked into putting it into the adapter yet. I'm not using the built-in routes from griddler so I haven't tried subclassing its controller. There are other examples around, but here's how I'm doing it if you're interested: require 'openssl'
class Mailgun::BaseController < ApplicationController
before_filter :verify_webhook
private
def verify_webhook
api_key = YOUR_API_KEY
digest = OpenSSL::Digest::SHA256.new
data = [params[:timestamp], params[:token]].join
computed_signature = OpenSSL::HMAC.hexdigest(digest, api_key, data)
if params[:signature] != computed_signature
render text:'ERROR', status: :forbidden
end
end
end |
|
Thank you @bradpauly |
Brad - nice work taking on this project!
Just thought I would bring this feature request to your attention so that you might consider implementing it in the mailgun adapter:
thoughtbot/griddler#139
(I did not make any further progress past the end of this thread, it's a but beyond my skillset)
The text was updated successfully, but these errors were encountered: