uploaded app.py and requirements.txt

app.py

@@ -0,0 +1,90 @@
+import os
+import hmac
+import hashlib
+from fastapi import FastAPI, Request, HTTPException, status
+from dotenv import load_dotenv
+
+# Load environment variables from .env file
+load_dotenv()
+
+# --- Configuration ---
+# It's crucial to load the secret from the environment for security
+GITHUB_WEBHOOK_SECRET = os.getenv("GITHUB_WEBHOOK_SECRET")
+
+# --- FastAPI App Initialization ---
+app = FastAPI()
+
+# --- Helper Functions ---
+async def verify_signature(request: Request):
+    """Verify that the request is from GitHub."""
+    if not GITHUB_WEBHOOK_SECRET:
+        # This is a server-side configuration error.
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, 
+            detail="Webhook secret not configured."
+        )
+
+    # Get the signature from the headers
+    signature_header = request.headers.get("X-Hub-Signature-256")
+    if not signature_header:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, 
+            detail="X-Hub-Signature-256 header is missing."
+        )
+
+    # The signature is in the format "sha256=..."
+    sha_name, signature = signature_header.split("=")
+    if sha_name != "sha256":
+        raise HTTPException(
+            status_code=status.HTTP_501_NOT_IMPLEMENTED, 
+            detail="Only sha256 signatures are supported."
+        )
+
+    # Get the raw request body
+    body = await request.body()
+
+    # Create our own signature
+    mac = hmac.new(
+        GITHUB_WEBHOOK_SECRET.encode("utf-8"),
+        msg=body,
+        digestmod=hashlib.sha256
+    )
+
+    # Compare the signatures
+    if not hmac.compare_digest(mac.hexdigest(), signature):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, 
+            detail="Invalid signature."
+        )
+
+# --- API Endpoints ---
+@app.get("/")
+def read_root():
+    """A simple root endpoint to confirm the server is running."""
+    return {"message": "Docu-Pilot server is alive!"}
+
+
+@app.post("/api/github/webhook")
+async def github_webhook(request: Request):
+    """
+    This endpoint receives webhook events from GitHub.
+    It first verifies the signature to ensure the request is authentic.
+    """
+    await verify_signature(request)
+    
+    # You can get the event type from the headers
+    event_type = request.headers.get("X-GitHub-Event")
+    payload = await request.json()
+
+    if event_type == "push":
+        # In future steps, we will process the push event here.
+        # For now, we'll just log it.
+        pusher = payload.get("pusher", {}).get("name")
+        repo_name = payload.get("repository", {}).get("full_name")
+        print(f"Received a push event from {pusher} on repo {repo_name}")
+        
+    elif event_type == "ping":
+        # GitHub sends a ping event when the webhook is first set up.
+        print("Received ping event from GitHub!")
+
+    return {"status": "ok"}

requirements.txt

@@ -0,0 +1,3 @@
+fastapi
+uvicorn[standard]
+python-dotenv