Add Webhooks and XMPP notifications for incoming sats #79
@@ -9,3 +9,5 @@ BTCPAY_API_URL='http://localhost:23001/api/v1'
|
||||
|
||||
LNDHUB_API_URL='http://localhost:3023'
|
||||
LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
|
||||
|
||||
WEBHOOKS_ALLOWED_IPS='10.1.1.163'
|
||||
|
||||
@@ -5,3 +5,5 @@ BTCPAY_API_URL='http://10.1.1.163:23001/api/v1'
|
||||
LNDHUB_LEGACY_API_URL='http://10.1.1.163:3026'
|
||||
LNDHUB_API_URL='http://10.1.1.163:3026'
|
||||
LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
|
||||
|
||||
WEBHOOKS_ALLOWED_IPS='10.1.1.163'
|
||||
|
||||
@@ -1,5 +1,9 @@
|
||||
EJABBERD_API_URL='http://xmpp.example.com/api'
|
||||
|
||||
BTCPAY_API_URL='http://btcpay.example.com/api/v1'
|
||||
|
||||
LNDHUB_LEGACY_API_URL='http://localhost:3023'
|
||||
LNDHUB_API_URL='http://localhost:3026'
|
||||
LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
|
||||
|
||||
WEBHOOKS_ALLOWED_IPS='10.1.1.23'
|
||||
|
||||
23
app/controllers/webhooks_controller.rb
Normal file
23
app/controllers/webhooks_controller.rb
Normal file
@@ -0,0 +1,23 @@
|
||||
class WebhooksController < ApplicationController
|
||||
skip_forgery_protection
|
||||
|
||||
before_action :authorize_request
|
||||
|
||||
def lndhub
|
||||
begin
|
||||
payload = JSON.parse(request.body.read, symbolize_names: true)
|
||||
|
raucao marked this conversation as resolved
|
||||
rescue
|
||||
head :unprocessable_entity and return
|
||||
end
|
||||
|
||||
head :ok
|
||||
end
|
||||
|
raucao marked this conversation as resolved
Outdated
bumi
commented
should not be the case, but this might be nil. maybe we should do a should not be the case, but this might be nil. maybe we should do a `User.find_by!`
raucao
commented
Good idea! Fails much cleaner and more expressively than when trying to access properties on Good idea! Fails much cleaner and more expressively than when trying to access properties on `nil` later.
|
||||
|
||||
private
|
||||
|
||||
def authorize_request
|
||||
if !ENV['WEBHOOKS_ALLOWED_IPS'].split(',').include?(request.remote_ip)
|
||||
head :forbidden and return
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -25,6 +25,8 @@ Rails.application.routes.draw do
|
||||
get 'lnurlpay/:address', to: 'lnurlpay#index', constraints: { address: /[^\/]+/}
|
||||
get 'lnurlpay/:address/invoice', to: 'lnurlpay#invoice', constraints: { address: /[^\/]+/}
|
||||
|
||||
post 'webhooks/lndhub', to: 'webhooks#lndhub'
|
||||
|
||||
namespace :api do
|
||||
get 'kredits/onchain_btc_balance', to: 'kredits#onchain_btc_balance'
|
||||
end
|
||||
|
||||
20
spec/requests/webhooks_spec.rb
Normal file
20
spec/requests/webhooks_spec.rb
Normal file
@@ -0,0 +1,20 @@
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe "Webhooks", type: :request do
|
||||
describe "Allowed IP addresses" do
|
||||
context "IP not allowed" do
|
||||
it "returns a 403 status" do
|
||||
post "/webhooks/lndhub"
|
||||
expect(response).to have_http_status(:forbidden)
|
||||
end
|
||||
end
|
||||
|
||||
context "IP allowed" do
|
||||
it "returns a 403 status" do
|
||||
ENV['WEBHOOKS_ALLOWED_IPS'] = '127.0.0.1'
|
||||
post "/webhooks/lndhub"
|
||||
expect(response).to have_http_status(:unprocessable_entity)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user
doesn't rails automatically parse the JSON because the proper content type is set?
so
params[:type]andparams[:user_login]should be enough?I didn't know, so I tried (also with explicitly setting the content type in the spec). Doesn't do it.