Merge pull request #20 from systemli/Adjust-Signature-Header

0x46616c6b · web-flow · commit 8a0bb853ce2f · 2025-11-08T15:43:58.000+01:00
♻️ Adjust Signature Header
diff --git a/server.go b/server.go
@@ -88,7 +88,7 @@ func (s *Server) Authmiddleware(next http.Handler) http.Handler {
 	secret := s.webhookSecret
 
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		signature := r.Header.Get("X-Signature")
+		signature := r.Header.Get("X-Webhook-Signature")
 		if signature == "" {
 			http.Error(w, "Missing signature header", http.StatusUnauthorized)
 			return
diff --git a/server_test.go b/server_test.go
@@ -133,7 +133,7 @@ func (s *ServerSuite) TestAuthMiddleware() {
 		validSignature := hex.EncodeToString(mac.Sum(nil))
 
 		req := httptest.NewRequest("POST", "/userli", bytes.NewBuffer(payload))
-		req.Header.Set("X-Signature", validSignature)
+		req.Header.Set("X-Webhook-Signature", validSignature)
 
 		rr := httptest.NewRecorder()
 		wrappedHandler := s.server.Authmiddleware(http.HandlerFunc(handler))
@@ -145,7 +145,7 @@ func (s *ServerSuite) TestAuthMiddleware() {
 	s.Run("invalid token", func() {
 		payload := []byte(`{"dummy":"data"}`)
 		req := httptest.NewRequest("POST", "/userli", bytes.NewBuffer(payload))
-		req.Header.Set("X-Signature", "invalid-signature")
+		req.Header.Set("X-Webhook-Signature", "invalid-signature")
 
 		rr := httptest.NewRecorder()
 		wrappedHandler := s.server.Authmiddleware(http.HandlerFunc(handler))
