WIP Add Webhooks controller, allowed IP config
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
2e1d930e0f
commit
68e0d00f6e
|
@ -9,3 +9,5 @@ BTCPAY_API_URL='http://localhost:23001/api/v1'
|
|||
|
||||
LNDHUB_API_URL='http://localhost:3023'
|
||||
LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
|
||||
|
||||
WEBHOOKS_ALLOWED_IPS='10.1.1.163'
|
||||
|
|
|
@ -5,3 +5,5 @@ BTCPAY_API_URL='http://10.1.1.163:23001/api/v1'
|
|||
LNDHUB_LEGACY_API_URL='http://10.1.1.163:3026'
|
||||
LNDHUB_API_URL='http://10.1.1.163:3026'
|
||||
LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
|
||||
|
||||
WEBHOOKS_ALLOWED_IPS='10.1.1.163'
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
EJABBERD_API_URL='http://xmpp.example.com/api'
|
||||
|
||||
BTCPAY_API_URL='http://btcpay.example.com/api/v1'
|
||||
|
||||
LNDHUB_LEGACY_API_URL='http://localhost:3023'
|
||||
LNDHUB_API_URL='http://localhost:3026'
|
||||
LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
|
||||
|
||||
WEBHOOKS_ALLOWED_IPS='10.1.1.23'
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
class WebhooksController < ApplicationController
|
||||
skip_forgery_protection
|
||||
|
||||
before_action :authorize_request
|
||||
|
||||
def lndhub
|
||||
begin
|
||||
payload = JSON.parse(request.body.read, symbolize_names: true)
|
||||
rescue
|
||||
head :unprocessable_entity and return
|
||||
end
|
||||
|
||||
head :ok
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def authorize_request
|
||||
if !ENV['WEBHOOKS_ALLOWED_IPS'].split(',').include?(request.remote_ip)
|
||||
head :forbidden and return
|
||||
end
|
||||
end
|
||||
end
|
|
@ -25,6 +25,8 @@ Rails.application.routes.draw do
|
|||
get 'lnurlpay/:address', to: 'lnurlpay#index', constraints: { address: /[^\/]+/}
|
||||
get 'lnurlpay/:address/invoice', to: 'lnurlpay#invoice', constraints: { address: /[^\/]+/}
|
||||
|
||||
post 'webhooks/lndhub', to: 'webhooks#lndhub'
|
||||
|
||||
namespace :api do
|
||||
get 'kredits/onchain_btc_balance', to: 'kredits#onchain_btc_balance'
|
||||
end
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe "Webhooks", type: :request do
|
||||
describe "Allowed IP addresses" do
|
||||
context "IP not allowed" do
|
||||
it "returns a 403 status" do
|
||||
post "/webhooks/lndhub"
|
||||
expect(response).to have_http_status(:forbidden)
|
||||
end
|
||||
end
|
||||
|
||||
context "IP allowed" do
|
||||
it "returns a 403 status" do
|
||||
ENV['WEBHOOKS_ALLOWED_IPS'] = '127.0.0.1'
|
||||
post "/webhooks/lndhub"
|
||||
expect(response).to have_http_status(:unprocessable_entity)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue