43 lines
1.4 KiB
JavaScript
43 lines
1.4 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const { generateCallbackSignature, verifySignature } = require('../services/signature');
|
|
const { handleEvent } = require('../services/eventHandler');
|
|
const logger = require('../utils/logger');
|
|
const { BOT_SECRET } = require('../config');
|
|
|
|
router.post('/webhook', (req, res) => {
|
|
logger.info('收到 Webhook 请求');
|
|
const signature = req.headers['x-signature-ed25519'];
|
|
const timestamp = req.headers['x-signature-timestamp'];
|
|
const rawBody = req.rawBody;
|
|
const body = req.body;
|
|
|
|
// 回调地址验证
|
|
if (body?.op === 13 && body.d) {
|
|
const { plain_token, event_ts } = body.d;
|
|
if (!BOT_SECRET) {
|
|
logger.error('未配置 BOT_SECRET');
|
|
return res.status(500).send('未配置 BOT_SECRET');
|
|
}
|
|
const signature = generateCallbackSignature(event_ts, plain_token);
|
|
logger.info('回调校验签名生成成功');
|
|
return res.json({ plain_token, signature });
|
|
}
|
|
|
|
// 普通事件签名校验
|
|
if (!signature || !timestamp || !rawBody) {
|
|
logger.error('缺少签名参数');
|
|
return res.status(400).send('缺少签名参数');
|
|
}
|
|
if (!verifySignature(timestamp, rawBody, signature)) {
|
|
logger.error('签名校验失败');
|
|
return res.status(401).send('签名校验失败');
|
|
}
|
|
logger.info('签名校验通过');
|
|
logger.info('收到事件:', JSON.stringify(body, null, 2));
|
|
|
|
// 事件分发
|
|
handleEvent(body, res);
|
|
});
|
|
|
|
module.exports = router;
|