-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathindex.js
84 lines (67 loc) · 2.59 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
const express = require('express');
const { config } = require('dotenv');
const { genHmac, compareHmac } = require('./utils/crypto');
const app = express();
// Loads the environment variables
config();
app.use(express.urlencoded({ extended: false }));
app.use(express.json());
/**
* Handles the verification request meta sends to verify your webhook endpoint
* Modify the API path and logic as you see fit.
* The curent code logic handles the verification request perfectly well.
* It verifies that the hub.verify_token value matches the verification token you provided when setting up the webhook on the App dashboard
* If the verification token matches, it sends back the hub.challenge value
*/
app.get('/meta/webhook/verify_request', (req, res, next) => {
try {
const query = req.query;
const hubVerifyToken = query['hub.verify_token'];
const hubChallenge = query['hub.challenge'];
if (hubVerifyToken !== process.env.META_HUB_VERIFY_TOKEN) {
throw new Error("Verify token don't match");
}
res.status(200).send(hubChallenge);
} catch (error) {
next(error);
}
});
// Handle instagram webhook events
app.post('/meta/webhook/instagram', (req, res, next) => {
try {
const x_hub_signature = req.headers['x-hub-signature-256'];
if (!x_hub_signature) {
throw new Error('x-hub-signature-256 header is missing');
}
// Generate a SHA256 signature using the payload and your app secret
const localSig = genHmac(req.body, process.env.META_APP_SECRET);
// Compare the generated signature to the one in the x-hub-signature-256 header
const metaSig = x_hub_signature.split('sha256=')[1];
const sigMatched = compareHmac(metaSig, localSig);
if (!sigMatched) {
throw new Error("Signatures don't match");
}
// TODO: Add the specific business logic that aligns with your use case.
// This section of the code is a placeholder for the functionality that
// should be implemented based on the requirements of your application.
// Feel free to modify or extend this logic to suit your needs.
// Always respond with a 200 OK if everything goes well
res.status(200).send();
} catch (error) {
next(error);
}
});
// Central error handling middleware
app.use((err, req, res, next) => {
let message = err.message !== undefined ? err.message : 'Internal server error';
let status = err.code !== undefined ? err.code : 500;
res.status(status).json({
message,
status,
});
});
const PORT = process.env.PORT || 3000;
app.listen(PORT, () => {
console.log(`Server is running on port:`, PORT);
});
module.exports = app;