@hygraph/utils
v1.2.1
Published
Collection of useful Hygraph utilities for building GraphQL powered apps.
Downloads
6,395
Maintainers
Keywords
Readme
Hygraph Utils
Install
npm i @hygraph/utils
Usage
verifyWebhookSignature
You'll need the request body and headers to pass to verifyWebhookSignature
.
If isValid
is truthy then you can safely execute your webhook handler code knowing the request is genuine, otherwise you should abort any further action.
const { verifyWebhookSignature } = require("@hygraph/utils");
const secret = "rCNwyiloY3oJYYkxgpBXaleIiUv5MYlx";
const body = {}; // Typically req.body
const signature = "..."; // Typically req.headers['gcms-signature']
const isValid = verifyWebhookSignature({ body, signature, secret });
verifyWebhookSignature
also accepts a rawPayload
in the case that the body
has not yet been parsed.
const { verifyWebhookSignature } = require("@hygraph/utils");
const secret = "rCNwyiloY3oJYYkxgpBXaleIiUv5MYlx";
const rawPayload = '{"hello":"world"}';
const signature = "..."; // Typically req.headers['gcms-signature']
const isValid = verifyWebhookSignature({ rawPayload, signature, secret });
generateWebhookSignature
This is useful for testing signed webhooks. You can generate a Hygraph webhook signature, and then use it to test your webhook.
const { generateWebhookSignature } = require("@hygraph/utils");
const secret = "rCNwyiloY3oJYYkxgpBXaleIiUv5MYlx";
const body = {
hello: "world",
};
const signature = generateWebhookSignature({ body, secret });