|
|
@@ -70,7 +70,7 @@ def chat_hook():
|
|
|
send_private_chat(user_id, f'{display_name}, you have {porps(points)}.')
|
|
|
|
|
|
elif lowercase_msg.startswith(f'{prefix}reg_mail'): # Generate a code to verify users account for email registration
|
|
|
- if current_app.config['KOFI_INTEGRATION']:
|
|
|
+ if current_app.config['KOFI_SETTINGS']['integration']:
|
|
|
mail_reg_code = get_email_code(db, user_id)
|
|
|
if mail_reg_code: # If the viewer already has a code waiting
|
|
|
send_private_chat(user_id, f'{display_name}, your code is {mail_reg_code}. Enter it into the form on the Stream Rewards Info page, with your email address, to enable Kofi perks!')
|
|
|
@@ -113,11 +113,11 @@ def kofi_hook():
|
|
|
current_app.logger.info(f'Kofi request')
|
|
|
if request.content_type == 'application/x-www-form-urlencoded':
|
|
|
raw_data = request.form.get('data') # Get the kofi data
|
|
|
- if current_app.config['KOFI_INTEGRATION']:
|
|
|
+ if current_app.config['KOFI_SETTINGS']['integration']:
|
|
|
if raw_data:
|
|
|
raw_data = json.loads(raw_data)
|
|
|
is_authed = raw_data['verification_token']
|
|
|
- if is_authed == current_app.config['KOFI_TOKEN']:
|
|
|
+ if is_authed == current_app.config['KOFI_SETTINGS']['token']:
|
|
|
type = raw_data['type']
|
|
|
is_public = raw_data['is_public']
|
|
|
new_sub = raw_data['is_first_subscription_payment']
|
|
|
@@ -164,17 +164,30 @@ def kofi_hook():
|
|
|
return jsonify({'status': 'success'}), 200
|
|
|
else:
|
|
|
current_app.logger.error(f'Kofi donation recieved, but Kofi integration is turned off. Rejected.')
|
|
|
- return jsonify({'status': 'Failed. Not accepting Kofi donations.'}), 400
|
|
|
+ return jsonify({'status': 'Failed. Not currently accepting Kofi donations.'}), 400
|
|
|
else:
|
|
|
return jsonify({'status': 'Failed. Invalid content type'}), 400
|
|
|
|
|
|
|
|
|
+def sign_payload(payload, secret): # For TESTING purposes
|
|
|
+ test_payload = hmac.new(
|
|
|
+ secret.encode(),
|
|
|
+ payload.encode(),
|
|
|
+ hashlib.sha256
|
|
|
+ ).hexdigest()
|
|
|
+ current_app.logger.info(f'\n\nTest encoded payload output: {test_payload}\n\n')
|
|
|
+ return test_payload
|
|
|
+
|
|
|
+
|
|
|
def verify_gbhook_signature(payload, signature, secret):
|
|
|
expected_signature = hmac.new(
|
|
|
secret.encode(),
|
|
|
payload.encode(),
|
|
|
hashlib.sha256
|
|
|
).hexdigest()
|
|
|
+ do_sig_check = hmac.compare_digest(signature, expected_signature)
|
|
|
+ current_app.logger.info(f'\n\nExpected Signature: {expected_signature}\nTest output: {do_sig_check}\n\n')
|
|
|
+ return do_sig_check
|
|
|
|
|
|
|
|
|
@ocb.route('/gbHook', methods=['POST'])
|
|
|
@@ -185,6 +198,9 @@ def gb_hook():
|
|
|
gb_secret = current_app.config['GB_SETTINGS']['secret']
|
|
|
|
|
|
raw_data = request.get_data(as_text=True)
|
|
|
+
|
|
|
+ signature = sign_payload(raw_data, gb_secret) # For TESTING purposes
|
|
|
+
|
|
|
event = request.json
|
|
|
transaction = event['data'] # TESTING
|
|
|
from_name = f'{transaction["first_name"]} {transaction["last_name"]}' # TESTING
|
|
|
@@ -192,8 +208,8 @@ def gb_hook():
|
|
|
amount = transaction['amount'] # TESTING
|
|
|
current_app.logger.info(f'\n\n{raw_data}\n\nSignature: {signature}\nFrom: {from_name}\nEmail: {email}\nAmount: {amount}\n\n') # TESTING
|
|
|
|
|
|
- # if not verify_gbhook_signature(raw_data, signature, gb_secret): # TESTING
|
|
|
- # return jsonify({'error': 'Invalid signature'}), 401
|
|
|
+ if not verify_gbhook_signature(raw_data, signature, gb_secret): # TESTING
|
|
|
+ return jsonify({'error': 'Invalid signature'}), 401
|
|
|
if current_app.config['GB_SETTINGS']['integration']:
|
|
|
try:
|
|
|
event_type = event['event']
|
