const express = require('express')
const crypto = require('crypto')
const bodyParser = require('body-parser')
require('dotenv').config()
const SECRET = process.env.SECRET_KEY

const app = express()
const port = 9000

const options = {
    inflate: true,
    limit: '100kb',
    type: 'application/json',
}
app.use(bodyParser.raw(options))

app.post('/buildhook', (req, res) => {
    const signature = req.headers['x-gitea-signature']
    if (!signature) {
        console.error('x-gitea-signature missing')
        return res.send()
    }

    const hmac = crypto.createHmac('sha256', SECRET)
    hmac.update(req.body)

    const payload_signature = hmac.digest('hex')
    if (signature !== payload_signature) {
        console.error('signature !== payload_signature')
        return res.send()
    }

    const json = JSON.parse(req.body.toString())
    console.log('json')
    console.log(json)
    
    // SIGNATURES MATCHES, do your thing here.
    
    res.send('success')
})

app.listen(port, () => {
  console.log(`Example app listening at http://localhost:${port}`)
})