· 7 years ago · Oct 28, 2018, 06:24 AM
1#!/usr/bin/env python3
2# coding: utf-8
3
4import hashlib
5import hmac
6import json
7import sqreen
8import time
9
10from flask import Flask, request, abort
11
12app = Flask(__name__)
13sqreen.start()
14
15SECRET_KEY = b'myownprivatesecretkey'
16EVENT_ID = "app.sqreen.custom.tracked_event"
17
18
19def compute_digest(data):
20 hasher = hmac.new(SECRET_KEY, data, hashlib.sha256)
21 return hasher.hexdigest()
22
23
24def check_signature_or_raise():
25 request_signature = request.headers["X-Sqreen-Integrity"]
26 request_body = request.get_data()
27
28 dig = compute_digest(request_body)
29 if not hmac.compare_digest(dig, request_signature):
30 abort(404)
31
32
33@app.route("/notify", methods=['POST'])
34def notify_event():
35 # check_signature_or_raise()
36 sqreen.track(EVENT_ID)
37 return ''
38
39# Has no effect
40if __name__ == '__main__':
41 with app.test_request_context('/notify'):
42 notify_event()