liangxj/assistant-storefront
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
4bd11c0ecca09038b3db37aabcb400e41b7273c5
assistant-storefront/app/controllers/api/v1/widget/contacts_controller.rb
Liang XJ 092fb2e083
Some checks failed
Lock Threads / action (push) Has been cancelled
Details
Mark stale issues and pull requests / stale (push) Has been cancelled
Details
Publish Chatwoot EE docker images / build (linux/amd64, ubuntu-latest) (push) Has been cancelled
Details
Publish Chatwoot EE docker images / build (linux/arm64, ubuntu-22.04-arm) (push) Has been cancelled
Details
Publish Chatwoot EE docker images / merge (push) Has been cancelled
Details
Publish Chatwoot CE docker images / build (linux/amd64, ubuntu-latest) (push) Has been cancelled
Details
Publish Chatwoot CE docker images / build (linux/arm64, ubuntu-22.04-arm) (push) Has been cancelled
Details
Publish Chatwoot CE docker images / merge (push) Has been cancelled
Details
Run Chatwoot CE spec / lint-backend (push) Has been cancelled
Details
Run Chatwoot CE spec / lint-frontend (push) Has been cancelled
Details
Run Chatwoot CE spec / frontend-tests (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (0, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (1, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (10, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (11, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (12, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (13, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (14, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (15, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (2, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (3, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (4, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (5, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (6, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (7, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (8, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (9, 16) (push) Has been cancelled
Details
Run Linux nightly installer / nightly (push) Has been cancelled
Details
Initial commit: Add logistics and order_detail message types 
- Add Logistics component with progress tracking
- Add OrderDetail component for order information
- Support data-driven steps and actions
- Add blue color scale to widget SCSS
- Fix node overflow and progress bar rendering issues
- Add English translations for dashboard components

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-26 11:16:56 +08:00

77 lines
2.1 KiB
Ruby
Raw Blame History

class Api::V1::Widget::ContactsController < Api::V1::Widget::BaseController
include WidgetHelper
before_action :validate_hmac, only: [:set_user]
def show; end
def update
identify_contact(@contact)
end
def set_user
contact = nil
if a_different_contact?
@contact_inbox, @widget_auth_token = build_contact_inbox_with_token(@web_widget)
contact = @contact_inbox.contact
else
contact = @contact
end
@contact_inbox.update(hmac_verified: true) if should_verify_hmac? && valid_hmac?
identify_contact(contact)
end
# TODO : clean up this with proper routes delete contacts/custom_attributes
def destroy_custom_attributes
@contact.custom_attributes = @contact.custom_attributes.excluding(params[:custom_attributes])
@contact.save!
render json: @contact
end
private
def identify_contact(contact)
contact_identify_action = ContactIdentifyAction.new(
contact: contact,
params: permitted_params.to_h.deep_symbolize_keys,
discard_invalid_attrs: true
)
@contact = contact_identify_action.perform
end
def a_different_contact?
@contact.identifier.present? && @contact.identifier != permitted_params[:identifier]
end
def validate_hmac
return unless should_verify_hmac?
render json: { error: 'HMAC failed: Invalid Identifier Hash Provided' }, status: :unauthorized unless valid_hmac?
end
def should_verify_hmac?
return false if params[:identifier_hash].blank? && !@web_widget.hmac_mandatory
# Taking an extra caution that the hmac is triggered whenever identifier is present
return false if params[:custom_attributes].present? && params[:identifier].blank?
true
end
def valid_hmac?
params[:identifier_hash] == OpenSSL::HMAC.hexdigest(
'sha256',
@web_widget.hmac_token,
params[:identifier].to_s
)
end
def permitted_params
params.permit(:website_token, :identifier, :identifier_hash, :email, :name, :avatar_url, :phone_number, custom_attributes: {},
additional_attributes: {})
end
end
Reference in New Issue View Git Blame Copy Permalink