-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider Implementing Validation #1
Comments
@ryanharnwell I'd like to do this and will take a look once I finish extracting the adapter and they take my PR. |
I'd be interested in this too. The |
@bradpauly Have you thought any further about adding this in? Nice work so far by the way! |
@ryanharnwell I'm afraid I haven't had time yet, although I'm still interested in it. |
@ryanharnwell @dmarkow have either of you implemented this check? I've just added it to an app, but I don't use the built-in routes from griddler so I didn't take the approach of overriding the Griddler::EmailsController. I'm not sure putting this in the adapter is I want to do, but I'm open to discussing. |
@bradpauly I haven't touched our griddler/mailgun code since last year but I may be revisiting it soon for an upcoming project and can give it some thought. |
@bradpauly thank you for your work with this adapter. |
@stefanosc I'm checking the signature in my app, but I haven't looked into putting it into the adapter yet. I'm not using the built-in routes from griddler so I haven't tried subclassing its controller. There are other examples around, but here's how I'm doing it if you're interested: require 'openssl'
class Mailgun::BaseController < ApplicationController
before_filter :verify_webhook
private
def verify_webhook
api_key = YOUR_API_KEY
digest = OpenSSL::Digest::SHA256.new
data = [params[:timestamp], params[:token]].join
computed_signature = OpenSSL::HMAC.hexdigest(digest, api_key, data)
if params[:signature] != computed_signature
render text:'ERROR', status: :forbidden
end
end
end |
Thank you @bradpauly |
Brad - nice work taking on this project!
Just thought I would bring this feature request to your attention so that you might consider implementing it in the mailgun adapter:
thoughtbot/griddler#139
(I did not make any further progress past the end of this thread, it's a but beyond my skillset)
The text was updated successfully, but these errors were encountered: