In the end, he went in a non-standard way. BodyParser offers a parameter like verify♪ It can be accessed Buffer and add it Express.Request♪ It was like,var express = require('express'),
router = express.Router(),
crypto = require("crypto"),
User = require("../../../models/User").User,
bodyparser = require("body-parser");
rootApp.use(bodyParser.urlencoded(({verify: (req, res, buf, encoding) => {
req.bodyRaw = buf;
}})));
function calculateSignature(key) {
return function(req, res, next) {
var hash = req.header("TrialPay-HMAC-MD5"),
hmac = crypto.createHmac("md5", key);
console.log(req.bodyRaw);
hmac.update(req.bodyRaw)
var crypted = hmac.digest("hex");
if(crypted === hash) {
// Valid request
User.findOne({
_id: req.body.user_id
}, function (err, data) {
if (err || !data) return res.error(500, "Internal server error");
data.deposit(req.body.amount / 100, false, "TrialPay Reward: "+req.body.oid, "offers", true);
return res.send("1");
});
} else {
// Invalid request
return res.send("Invalid TrialPay hash", { "Content-Type": "text/plain" }, 403);
}
}
}
router.post("/", calculateSignature("[YOUR_KEY_HERE]"));
module.exports = router;
Thank you for your help and excuses.