Deploy: 2026-05-21 18:06:46

Hamza-Ayed
2026-05-21 18:06:46 +03:00
parent 71cef1de1d
commit a411acbdf6
3 changed files with 24 additions and 9 deletions


@@ -52,7 +52,10 @@ class WhatsAppController extends BaseController
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload); curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']); curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'X-Webhook-Secret: ' . getenv('WEBHOOK_SECRET')
]);
curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 5);
$result = curl_exec($ch); $result = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
@@ -92,7 +95,10 @@ class WhatsAppController extends BaseController
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload); curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']); curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'X-Webhook-Secret: ' . getenv('WEBHOOK_SECRET')
]);
curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_exec($ch); curl_exec($ch);
curl_close($ch); curl_close($ch);
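Review bot: `getenv('WEBHOOK_SECRET')` returns `false` when the variable is unset, so both new header arrays (the hunks at -52 and -92) would then send an empty `X-Webhook-Secret:` value, which the gateway's new check is expected to reject. In the second hunk the `curl_exec($ch)` result is discarded, so that rejection would pass unnoticed. Read the secret once and check it before building the request, e.g. `$secret = getenv('WEBHOOK_SECRET');` and `if ($secret === false || $secret === '') { error_log('WEBHOOK_SECRET is not set'); }` followed by whatever abort path the method uses. Both enclosing methods start and end outside the hunks, so the right way to bail out is not visible here. The target URL is also outside the hunks; the header carries a shared secret, so it should only travel over TLS or a loopback connection.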


@@ -12,7 +12,7 @@ if (!fs.existsSync(SESSIONS_DIR)) {
fs.mkdirSync(SESSIONS_DIR, { recursive: true }); fs.mkdirSync(SESSIONS_DIR, { recursive: true });
} }
const WEBHOOK_SECRET = process.env.WEBHOOK_SECRET || 'YOUR_SECRET_KEY_HERE'; const WEBHOOK_SECRET = process.env.WEBHOOK_SECRET;
async function sendWebhook(webhook_url, payload) { async function sendWebhook(webhook_url, payload) {
try { try {
@@ -96,7 +96,7 @@ async function startSession(session_key, webhook_url) {
async function disconnectSession(session_key) { async function disconnectSession(session_key) {
const sock = sessions.get(session_key); const sock = sessions.get(session_key);
if (sock) { if (sock) {
try { sock.logout(); } catch (e) {} // best effort try { sock.logout(); } catch (e) { } // best effort
sessions.delete(session_key); sessions.delete(session_key);
} }
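Review bot: With the `|| 'YOUR_SECRET_KEY_HERE'` fallback removed in the first hunk, `WEBHOOK_SECRET` is `undefined` whenever the variable is unset, and nothing visible stops the process from starting in that state. `sendWebhook` continues outside the hunk, so how it uses the constant cannot be seen; if it places it in a header or signature, the receiver would presumably get the literal string "undefined" or a request it cannot authenticate. Failing at startup makes the misconfiguration obvious: `if (!WEBHOOK_SECRET) throw new Error('WEBHOOK_SECRET is not set');` directly after the declaration. The second hunk changes whitespace only.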


@@ -28,11 +28,20 @@ app.use(express.json());
const PORT = process.env.PORT || 3722; const PORT = process.env.PORT || 3722;
// Health check endpoint // Health check endpoint (Public)
app.get('/health', (req, res) => { app.get('/health', (req, res) => {
res.json({ status: 'healthy', service: 'Nabeh WhatsApp Gateway' }); res.json({ status: 'healthy', service: 'Nabeh WhatsApp Gateway' });
}); });
// Security Middleware: Protect all /api/ routes
app.use('/api', (req, res, next) => {
const secret = req.header('X-Webhook-Secret');
if (!process.env.WEBHOOK_SECRET || secret !== process.env.WEBHOOK_SECRET) {
return res.status(403).json({ error: 'Unauthorized gateway access' });
}
next();
});
// Start or retrieve a session // Start or retrieve a session
app.post('/api/sessions/start', async (req, res) => { app.post('/api/sessions/start', async (req, res) => {
const { session_key, webhook_url } = req.body; const { session_key, webhook_url } = req.body;
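Review bot: The `secret !== process.env.WEBHOOK_SECRET` check in the new `/api` middleware is an ordinary string comparison, whose running time can depend on where the first mismatch occurs; a shared secret is better compared with `crypto.timingSafeEqual`. That function throws on inputs of different length, so hash both values first and compare the digests. The fail-closed branch for an unset `WEBHOOK_SECRET` is worth keeping as it is. `crypto` has to be required at the top of the file if it is not already; the import block is outside the hunk.

```javascript
app.use('/api', (req, res, next) => {
  const expected = process.env.WEBHOOK_SECRET;
  const provided = req.header('X-Webhook-Secret') || '';
  // Hash both sides so timingSafeEqual always receives equal-length buffers.
  const digest = (value) => crypto.createHash('sha256').update(value).digest();
  if (!expected || !crypto.timingSafeEqual(digest(provided), digest(expected))) {
    // … unchanged: 403 response, then next() …
```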