completionId: cgen-de118767cf4f4e0b9acecc7bb3765abb
cgen-de118767cf4f4e0b9acecc7bb3765abb
This commit is contained in:
Builder.io
parent
dd88788a26
commit
610d89867d
1 changed files with 20 additions and 18 deletions
|
|
@ -1,7 +1,9 @@
|
||||||
import { VercelRequest, VercelResponse } from "@vercel/node";
|
import { VercelRequest, VercelResponse } from "@vercel/node";
|
||||||
import { createVerify } from "crypto";
|
import { webcrypto } from "crypto";
|
||||||
|
|
||||||
export default function handler(req: VercelRequest, res: VercelResponse) {
|
const crypto = webcrypto as any;
|
||||||
|
|
||||||
|
export default async function handler(req: VercelRequest, res: VercelResponse) {
|
||||||
res.setHeader("Access-Control-Allow-Origin", "*");
|
res.setHeader("Access-Control-Allow-Origin", "*");
|
||||||
res.setHeader("Access-Control-Allow-Methods", "POST, OPTIONS");
|
res.setHeader("Access-Control-Allow-Methods", "POST, OPTIONS");
|
||||||
res.setHeader(
|
res.setHeader(
|
||||||
|
|
@ -51,19 +53,24 @@ export default function handler(req: VercelRequest, res: VercelResponse) {
|
||||||
const signatureBuffer = Buffer.from(signature, "hex");
|
const signatureBuffer = Buffer.from(signature, "hex");
|
||||||
const messageBuffer = Buffer.from(message);
|
const messageBuffer = Buffer.from(message);
|
||||||
|
|
||||||
// For Ed25519, we need to use the raw key directly
|
// Use WebCrypto API for Ed25519 verification (works in Vercel)
|
||||||
// Create a temporary PEM-formatted public key for verification
|
|
||||||
try {
|
try {
|
||||||
// Use Node.js 15+ native Ed25519 verification with raw key
|
const publicKey = await crypto.subtle.importKey(
|
||||||
const isValid = verify(
|
"raw",
|
||||||
null,
|
publicKeyBuffer,
|
||||||
messageBuffer,
|
|
||||||
{
|
{
|
||||||
key: publicKeyBuffer,
|
name: "Ed25519",
|
||||||
format: "raw" as any,
|
namedCurve: "Ed25519",
|
||||||
type: "ed25519" as any,
|
},
|
||||||
} as any,
|
false,
|
||||||
|
["verify"],
|
||||||
|
);
|
||||||
|
|
||||||
|
const isValid = await crypto.subtle.verify(
|
||||||
|
"Ed25519",
|
||||||
|
publicKey,
|
||||||
signatureBuffer,
|
signatureBuffer,
|
||||||
|
messageBuffer,
|
||||||
);
|
);
|
||||||
|
|
||||||
if (!isValid) {
|
if (!isValid) {
|
||||||
|
|
@ -71,13 +78,8 @@ export default function handler(req: VercelRequest, res: VercelResponse) {
|
||||||
return res.status(401).json({ error: "Invalid signature" });
|
return res.status(401).json({ error: "Invalid signature" });
|
||||||
}
|
}
|
||||||
} catch (err: any) {
|
} catch (err: any) {
|
||||||
// Fallback: Try with TweetNaCl-style verification
|
|
||||||
// If above fails, try creating key from raw buffer differently
|
|
||||||
console.error("[Discord] Verification error:", err?.message);
|
console.error("[Discord] Verification error:", err?.message);
|
||||||
|
return res.status(401).json({ error: "Signature verification failed" });
|
||||||
// Alternative: manual Ed25519 verification using libsodium or tweetnacl
|
|
||||||
// For now, log and continue - Discord will resend if critical
|
|
||||||
console.log("[Discord] Note: Using fallback verification method");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
console.log("[Discord] Signature verified successfully");
|
console.log("[Discord] Signature verified successfully");
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue