Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- app.post('/api/webhook', async (req, res) => {
- console.log(':tada: We got an order!');
- // We'll compare the hmac to our own hash
- const hmac = req.get('X-Shopify-Hmac-Sha256');
- // Use raw-body to get the body (buffer)
- // let body;
- // let newOrder;
- const body = await getRawBody(req)
- const newOrder = JSON.parse(body.toString())
- //console.log(newOrder)
- try {
- body = await getRawBody(req);
- newOrder = JSON.parse(body.toString());
- console.log(newOrder)
- } catch (e) {
- console.log('Something went wrong:')
- console.log(e)
- throw e;
- }
- // Create a hash using the body and our key
- const hash = crypto
- .createHmac('sha256', secretKey)
- .update(body, 'utf8', 'hex')
- .digest('base64');
- // Compare our hash to Shopify's hash
- if (hash === hmac) {
- // It's a match! All good
- console.log(':tada: Phew, it came from Shopify!');
- res.sendStatus(200);
- } else {
- // No match! This request didn't originate from Shopify
- console.log(':ghost: Danger! Not from Shopify!');
- res.sendStatus(403);
- }
- const config = {
- headers: {
- 'Content-Type': 'application/x-www-form-urlencoded',
- 'Accept' : 'application/json',
- 'GSUID' : '158'
- }
- };
- const requestBody = {
- f: 'json',
- u: 'boxofheat',
- p: 'boX_oF_heaT.2019'
- };
- //Login and retrieve session_digest
- const login = 'https://clienti.grupposinergia.net/webservice/login';
- axios.post(login, qs.stringify(requestBody), config)
- .then(response => {
- //Store session_digest
- var session = [];
- session = response.data.session_digest;
- //Insert orders
- const data = {
- no: newOrder,
- sd: session,
- f: "json"
- }
- const url = 'https://clienti.grupposinergia.net/webservice/logistics/insert_orders';
- const params = httpBuildQuery(data);
- axios.post(url, params, config)
- .then(response => {
- console.log(response);
- })
- .catch((err) => {
- console.log("API Error:" + err);
- })
- })
- .finally( () => {
- console.log('end');
- })
- })
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement