I have set up a webhook to receive POST requests from the Active Campaign API in order to update my CRM data.
The problem is that Active Campaign doesn't send any token or credential information with the POST request, so I cannot be sure that the request is really coming from them.
Is there a way in Django to check where the request is coming from, in order to prevent anyone from sending POST data to this webhook?
Related
I'm looking for any tutorials or blogs related to Auth and Cookie managemnt in postman app. I'm new to Postman so need some guidance.
I'm currently testing an API that follows the following workflow.
visiting portal.site.com it redirects to login.site.com and sets X-csrf token & cookies to it, The login is performed in two steps 1 verify email and then verify password to login and once login is validated you're redirets back to portal.site.com
I have created a postman collection it has 5 total requests
1) GET Visiting portal.site.com
2) POST Login Email Validation on login.site.com
3) POST Login Password Validation on login.site.com
4) GET Redirected back to portal.site.com
5) POST Get Profile Data in JSON response on portal.site.com
I need to validate the last request and get the data in response. This can only happen when login is done properly in above requests and cookies are set properly on portal.site.com via login at login.site.com.
If you can share any options on how to do it, I'll be really thankful.
What you are describing is the authorization-code workflow of OAuth2.
https://auth0.com/docs/flows/authorization-code-flow
Postman supports it as a built-in feature.
I am using Dialogflow V1 with Django as the webhook target. The trouble I am having is that one of the Dialogflow servers somehow caches the cookie/sessionid and sends to the webhook every time, which is wrong.
In one of the webhook calls, my server creates a new user and logs in the user which in turn writes sessionid to the request cookie. Somehow the session/cookie will be cached by that particular DialogFlow server, and that server always sends the same sessionid/cookie to the webhook. With the sessionid, Django auto-login the request with the same user, which causes problems.
I tried the flowing ways to remove the cached cookie, but all failed
unset cookies
logout user: logout(request)
try to find a config in Dialogflow
Interestingly, only that particular server sends the wrong request, which causes our chat breaks intermittently.
I am using Hybris 6.5. I have published yform on storefront.
Now problem is, When I click on submit(save) button for saving form data I want to fetch customer data which is currentlly logged in System but for getting data I need to fetch cookies first.
To fetch cookies I need http request which comes from submitting save button on published form.
I have build an eCommerce website using emberjs with ember-data-1.8.0.On Api side i am using Hapijs.
I have integrated Payu payment gateway with it,but i am not able to handle response send by payu.After payment payu send a post response to given route of ember, but How will i handle this response and will get all payload so i can send request to my hapi server.
i have no clue how to do it, if there is some doc or example of integrating payment gateway and emberjs, please mention it also.
Thanks
Ember is a client side framework, Payu will not be able to send a "post" request to ember it may perform it on your Hapijs backend however. Then you have many options to check events on your backend from your frontend for example through sockets or via a setInterval which queries a given page every N seconds.
The use case:
User makes order his payment gets accepted and his details are getting post to a django's view. Using these details django's view creates user and everything that is necessary (Username and password is provided by me). Then before returning it sends email to clients email with his data (Username and password for now).
But sometimes I get a gateway timeout error from apache(app is deployed on openshift). Because the user is created I assume that the timeout comes from the email sending part. How can I make sure everything went ok and inform the user? How can I make sure that if the email isn't sent I can resend it? What is the best practice at that?
If you have timeouts with an API or Service, you should fire your POST / sendmail request with AJAX...
Serialize the whole form (like jQuery's serialize())
Send that data via AJAX (with jQuery's ajax())
Inform the User of success or error (alert() or jQuery UI dialog)
You can find a lot of examples on this website.
Another "dirty" approach would be to add the attribute target="_blank" to your form tag what opens your lazy request in a new tab / window.