till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-20 03:21:25 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

🐛 fix(auth): skip body parser for Stripe webhooks

Browse source 
The JSON body parser was consuming the request body before NestJS
could access the rawBody needed for Stripe webhook signature
verification. Now webhooks to /api/v1/webhooks/stripe skip the
body parser middleware.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Till-JS 2026-02-16 12:01:24 +01:00
parent bfc2737ce5
commit d86e9031bb
15 changed files with 238 additions and 191 deletions
Download patch file Download diff file Expand all files Collapse all files

9
services/mana-core-auth/src/main.ts
View file

@ -77,7 +77,14 @@ async function bootstrap() {
app.use(cookieParser());
// Explicit body parsers for form-urlencoded (needed for OAuth2 token endpoint)
app.use(bodyParser.json());
// IMPORTANT: Skip JSON body parsing for Stripe webhooks to preserve rawBody for signature verification
app.use((req: Request, res: Response, next: NextFunction) => {
if (req.path === '/api/v1/webhooks/stripe') {
// Skip body parsing for Stripe webhooks - NestJS rawBody will be used instead
return next();
}
bodyParser.json()(req, res, next);
});
app.use(bodyParser.urlencoded({ extended: true }));
// CORS configuration