QBot/routes/webhook.js

const express = require('express');
const router = express.Router();
const { generateCallbackSignature, verifySignature } = require('../services/signature');
const { handleEvent } = require('../services/eventHandler');
const logger = require('../utils/logger');
const { BOT_SECRET } = require('../config');

router.post('/webhook', (req, res) => {
  logger.info('收到 Webhook 请求');
  const signature = req.headers['x-signature-ed25519'];
  const timestamp = req.headers['x-signature-timestamp'];
  const rawBody = req.rawBody;
  const body = req.body;

  // 回调地址验证
  if (body?.op === 13 && body.d) {
    const { plain_token, event_ts } = body.d;
    if (!BOT_SECRET) {
      logger.error('未配置 BOT_SECRET');
      return res.status(500).send('未配置 BOT_SECRET');
    }
    const signature = generateCallbackSignature(event_ts, plain_token);
    logger.info('回调校验签名生成成功');
    return res.json({ plain_token, signature });
  }

  // 普通事件签名校验
  if (!signature || !timestamp || !rawBody) {
    logger.error('缺少签名参数');
    return res.status(400).send('缺少签名参数');
  }
  if (!verifySignature(timestamp, rawBody, signature)) {
    logger.error('签名校验失败');
    return res.status(401).send('签名校验失败');
  }
  logger.info('签名校验通过');
  logger.info('收到事件:', JSON.stringify(body, null, 2));

  // 事件分发
  handleEvent(body, res);
});

module.exports = router;
feat: 添加 QQ 机器人 Webhook 对接示例项目 - 新增 .env 文件配置机器人密钥和应用信息 - 创建 .gitignore 文件忽略 node_modules 和 cert目录 - 添加 app.js 实现基本的 Webhook 功能和机器人事件处理 - 新增 eventHandler.js 处理机器人事件并自动回复消息 - 创建 config/index.js 加载环境变量配置 - 添加 logger.js 实现简单的日志记录功能 - 创建 .idea目录下的项目配置文件 - 新增 package.json 管理项目依赖和启动脚本 2025-07-24 04:17:57 +00:00			`const express = require('express');`
			`const router = express.Router();`
			`const { generateCallbackSignature, verifySignature } = require('../services/signature');`
			`const { handleEvent } = require('../services/eventHandler');`
			`const logger = require('../utils/logger');`
			`const { BOT_SECRET } = require('../config');`

			`router.post('/webhook', (req, res) => {`
			`logger.info('收到 Webhook 请求');`
			`const signature = req.headers['x-signature-ed25519'];`
			`const timestamp = req.headers['x-signature-timestamp'];`
			`const rawBody = req.rawBody;`
			`const body = req.body;`

			`// 回调地址验证`
			`if (body?.op === 13 && body.d) {`
			`const { plain_token, event_ts } = body.d;`
			`if (!BOT_SECRET) {`
			`logger.error('未配置 BOT_SECRET');`
			`return res.status(500).send('未配置 BOT_SECRET');`
			`}`
			`const signature = generateCallbackSignature(event_ts, plain_token);`
			`logger.info('回调校验签名生成成功');`
			`return res.json({ plain_token, signature });`
			`}`

			`// 普通事件签名校验`
			`if (!signature \|\| !timestamp \|\| !rawBody) {`
			`logger.error('缺少签名参数');`
			`return res.status(400).send('缺少签名参数');`
			`}`
			`if (!verifySignature(timestamp, rawBody, signature)) {`
			`logger.error('签名校验失败');`
			`return res.status(401).send('签名校验失败');`
			`}`
			`logger.info('签名校验通过');`
			`logger.info('收到事件:', JSON.stringify(body, null, 2));`

			`// 事件分发`
			`handleEvent(body, res);`
			`});`

			`module.exports = router;`