Fix string index

Fix url
Fix ommited json parsing wotsit
2026-02-06 23:28:20 +00:00 · 2023-06-27 01:19:51 +01:00 · 2023-06-27 01:14:23 +01:00 · 2023-06-27 01:06:34 +01:00 · 2023-06-27 01:01:11 +01:00 · 2023-06-27 00:55:04 +01:00
1 changed files with 12 additions and 9 deletions
--- a/RIGS/views/rigboard.py
+++ b/RIGS/views/rigboard.py
@@ -5,6 +5,7 @@ import premailer
 import simplejson
 import urllib
 import hmac
+import hashlib

 from envparse import env
 from bs4 import BeautifulSoup
@@ -408,13 +409,15 @@ class RecieveForumWebhook(generic.View):
        return super().dispatch(request, *args, **kwargs)

    def post(self, request, *args, **kwargs):
-        computed = f"sha256={hmac.new(env('FORUM_WEBHOOK_SECRET').encode(), request.body, digestmod='sha256').hexdigest()}"
-        if request.POST.get('X-Discourse-Event-Signature') == computed: #  and request.POST.get('X-Discourse-Event') == "topic_created":
-            body = json.loads(request.body.decode('utf-8'))
-            event_id = int(body['title'][1:5]) # find the ID, force convert it to an int to eliminate leading zeros
-            event = models.Event.objects.filter(pk=event_id).first()
-            if event:
-                event.forum_url = "https://forum.nottinghamtec.co.uk/t/{}"
-                event.save()
-                return HttpResponse(status=200)
+        computed = f"sha256={hmac.new(env('FORUM_WEBHOOK_SECRET').encode(), request.body, hashlib.sha256).hexdigest()}"
+        print(computed)
+        if not hmac.compare_digest(request.headers.get('X-Discourse-Event-Signature'), computed):
+            return HttpResponseForbidden('Invalid signature header')
+        body = simplejson.loads(request.body.decode('utf-8'))
+        event_id = int(body['topic']['title'][1:6]) # find the ID, force convert it to an int to eliminate leading zeros
+        event = models.Event.objects.filter(pk=event_id).first()
+        if event:
+            event.forum_url = f"https://forum.nottinghamtec.co.uk/t/{body['topic']['slug']}"
+            event.save()
+            return HttpResponse(status=202)
        return HttpResponse(status=204)
Author	SHA1	Message	Date
FreneticScribbler	2171d7fda9	Fix string index	2023-06-27 01:19:51 +01:00
FreneticScribbler	3c4ccfb103	Fix url	2023-06-27 01:14:23 +01:00
FreneticScribbler	04c7e4b518	Fix ommited json parsing wotsit	2023-06-27 01:06:34 +01:00
FreneticScribbler	beb0ba915d	Fix import, again	2023-06-27 01:01:11 +01:00
FreneticScribbler	ac15ab3729	Different header access method	2023-06-27 00:55:04 +01:00
FreneticScribbler	15230cb361	Okay, put that back where it was because I inavertently overloaded my import Flashbacks to my java days...	2023-06-27 00:48:25 +01:00
FreneticScribbler	b5b8dc104c	Add debug print	2023-06-27 00:42:45 +01:00
FreneticScribbler	55aa41acfd	More fiddling with auth	2023-06-27 00:42:22 +01:00