Discourse/discourse
Discourse/discourse
0
0
Fork 0
mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-05-06 00:10:52 +08:00
Code Packages Activity Actions
discourse/plugins/discourse-patreon/app/controllers/patreon/patreon_webhook_controller.rb
Jarek Radosz 71834c898f
DEV: Update rubocop-discourse to 3.13 and autofix issues (#35073) 
Co-authored-by: Loïc Guitaut <loic@discourse.org>
2025-10-06 16:11:01 +02:00

79 lines
2 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
require "openssl"
require "json"
class Patreon::PatreonWebhookController < ApplicationController
requires_plugin Patreon::PLUGIN_NAME
skip_before_action :redirect_to_login_if_required,
:preload_json,
:check_xhr,
:verify_authenticity_token
TRIGGERS = %w[
pledges:create
pledges:update
pledges:delete
members:pledge:create
members:pledge:update
members:pledge:delete
]
def index
if unknown_trigger?
message = event.blank? ? "Missing event header" : "Unknown event: #{event}"
Rails.logger.warn("Patreon Webhook failed: #{message}") if SiteSetting.patreon_verbose_log
render_json_error(message, status: 403)
return
end
if !valid_signature?
if SiteSetting.patreon_verbose_log
Rails.logger.warn("Patreon Webhook failed: Invalid signature")
end
render_json_error("Invalid signature", status: 403)
return
end
pledge_data = JSON.parse(request.body.read)
patreon_id = Patreon::Pledge.get_patreon_id(pledge_data)
if SiteSetting.patreon_verbose_log
Rails.logger.warn(
"Patreon verbose log for Webhook:\n Event = #{event}\n Id = #{patreon_id}\n Data = #{pledge_data.inspect}",
)
end
case event
when "pledges:create", "members:pledge:create"
Patreon::Pledge.create!(pledge_data)
when "pledges:update", "members:pledge:update"
Patreon::Pledge.update!(pledge_data)
when "pledges:delete", "members:pledge:delete"
Patreon::Pledge.delete!(pledge_data)
end
Jobs.enqueue(:sync_patron_groups, patreon_id: patreon_id)
render body: nil, status: :ok
end
def event
request.headers["X-Patreon-Event"]
end
def unknown_trigger?
TRIGGERS.exclude?(event)
end
private
def valid_signature?
signature = request.headers["X-Patreon-Signature"]
digest = OpenSSL::Digest.new("MD5")
signature ==
OpenSSL::HMAC.hexdigest(digest, SiteSetting.patreon_webhook_secret, request.raw_post)
end
end
View git blame Copy permalink