Verify signed HTTP requests from Manifold
Code of Conduct | Contribution Guidelines
$ npm install @manifoldco/signature
var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();
// Using the promise interface
verifier.test(req, req.rawBody).then(function() {
// Accept and handle request
}).catch(function(err) {
// Deny request on error
res.statusCode = err.statusCode || 500;
// Respond with JSON, including a message property
return res.json({ message: err.message });
});
// Using the callback interface
verifier.test(req, req.rawBody, function(err) {
if (err) {
// Deny request on error
res.statusCode = err.statusCode || 500;
// Respond with JSON, including a message property
return res.json({ message: err.message });
}
// Accept and handle request
});
var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();
// The verification library expects that the req.rawBody property
// exists so that the body does not have to be read twice, this can be
// done automatically with restify-plugins bodyParser
app.use(plugins.bodyParser({ mapParams: true }));
// Applying the verifier middleware with default master key and options (recommended)
app.use(function(req, res, next) {
verifier.test(req).then(function() {
// Accept and handle request
next();
}).catch(function(err) {
// Deny request on error
res.statusCode = err.statusCode || 500;
// Respond with JSON, including a message property
return res.json({ message: err.message });
});
});
var verifier = require('@manifoldco/signature').express;
// When using an existing body parser, we require you to add a verify step
// which will keep track of the original request body for the verifier
// middleware
app.use(bodyParser.json({ verify: verifier.appendRawBody }));
// Applying the verifier middleware with default master key and options (recommended)
app.use(verifier.middleware());