From 686053a0fe9744b31fafd0378f27fdcb0060324c Mon Sep 17 00:00:00 2001 From: ProgrammerIn-wonderland <3838shah@gmail.com> Date: Thu, 14 Aug 2025 18:30:20 -0400 Subject: [PATCH] dev: add verification for entri webhooks --- src/backend/src/services/EntriService.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/backend/src/services/EntriService.js b/src/backend/src/services/EntriService.js index 9e4e40cb0..30d7d98aa 100644 --- a/src/backend/src/services/EntriService.js +++ b/src/backend/src/services/EntriService.js @@ -27,6 +27,7 @@ const { Eq } = require("../om/query/query"); const { Endpoint } = require("../util/expressutil"); const { IncomingMessage } = require("node:http"); const { Context } = require("../util/context"); +const { createHash } = require('crypto'); // async function generateJWT(applicationId, secret, domain, ) { @@ -48,6 +49,10 @@ class EntriService extends BaseService { * @param {*} res */ handler: async (req, res) => { + if (createHash('sha256').update(req.body.id + this.config.secret).digest('hex') !== req.headers["entri-signature"]) { + res.status(401).send("Lol"); + return; + } if (!req.body.data.records_propagated) { console.log("Failed to set domain records") return;