Datasette plugin to write to database via verified webhooks
Install this plugin in the same environment as Datasette.
$ datasette install datasette-webhook-write
This plugin allows writing to a datasette database via hmac-signed http POST calls.
Example for metadata.yml (for usage to receive texts from https://nlg.ax/):
plugins:
datasette-webhook-write:
webhook_secret:
"$env": "WEBHOOK_SECRET"
http_header_name: "x-myax-signature"
database_name: "example"
table_name: "generated_texts"
use_pk:
- "uid"
- "collection_id"
WEBHOOK_SECRET
is set as environment variable.
The url to upload to the datasette instance is /-/webhook-write/
.
The json data pushed has to be signed with the WEBHOOK_SECRET
and added to the headers of the POST call.
Generate the hmac signature (where document
is the data you want to send, and WEBHOOK_SECRET
is the secret only pushing+receving parties should know):
digest = hmac.new(
key=WEBHOOK_SECRET.encode(),
msg=json.dumps(document).encode(),
digestmod=hashlib.sha1,
)
header = {
"X-SIGNATURE": f"sha1={digest.hexdigest()}",
}
The pushed data is written to the database only when secret+document are generating the same digest.
To set up this plugin locally, first checkout the code. Then create a new virtual environment:
cd datasette-webhook-write
python -m venv venv
source venv/bin/activate
Now install the dependencies and test dependencies:
python -m pip install -e '.[test]'
To run the tests:
pytest