Update digest endpoint to use verifySignatureAppRouter#578
Update digest endpoint to use verifySignatureAppRouter#578elie222 merged 1 commit intoelie222:mainfrom
Conversation
|
@edulelis is attempting to deploy a commit to the Inbox Zero Team on Vercel. A member of the Team first needs to authorize it. |
WalkthroughThe updates enhance security practices around QStash endpoints by requiring signature verification using Changes
Sequence Diagram(s)sequenceDiagram
participant QStash
participant API_Endpoint as Digest Endpoint
participant Server
QStash->>API_Endpoint: POST /api/resend/digest (with signature)
API_Endpoint->>API_Endpoint: verifySignatureAppRouter(request)
alt Signature valid
API_Endpoint->>Server: Process digest email logic
Server-->>API_Endpoint: Success/Failure
API_Endpoint-->>QStash: JSON response
else Signature invalid
API_Endpoint-->>QStash: 401 Unauthorized
end
Poem
📜 Recent review detailsConfiguration used: .coderabbit.yaml 📒 Files selected for processing (3)
🧰 Additional context used📓 Path-based instructions (5)apps/web/**/*.{ts,tsx}Instructions used from: Sources:
apps/web/app/**/*Instructions used from: Sources:
**/*.{ts,tsx}Instructions used from: Sources:
.cursor/rules/*.mdcInstructions used from: Sources:
.cursor/rules/[a-z0-9\-]*.mdcInstructions used from: Sources:
🧠 Learnings (4)📓 Common learningsapps/web/app/api/resend/digest/all/route.ts (4)apps/web/app/api/resend/digest/route.ts (20).cursor/rules/security-audit.mdc (11)🧬 Code Graph Analysis (1)apps/web/app/api/resend/digest/route.ts (6)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
🔇 Additional comments (10)
✨ Finishing Touches
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
Documentation and Community
|
Summary by CodeRabbit
Security
Bug Fixes
Chores