Ask a question
  1. Home
  2. python - How to verify Shopify webhook in Django?

404 votes
0 answers

python - How to verify Shopify webhook in Django?

Solution:

Set these two variables in thesettings.py file

# settings.py

SHOPIFY_HMAC_HEADER = "HTTP_X_SHOPIFY_HMAC_SHA256"
SHOPIFY_API_SECRET = "5f6b6_my_secret"

Then, create a verify webhook function that accepts the Django request as it's parameter

# utils.py

import base64
import hashlib
import hmac

from django.conf import settings
from django.core.handlers.wsgi import WSGIRequest


def verify_shopify_webhook(request: WSGIRequest):
    shopify_hmac_header = request.META.get(settings.SHOPIFY_HMAC_HEADER)
    encoded_secret = settings.SHOPIFY_API_SECRET.encode("utf-8")
    digest = hmac.new(
        encoded_secret,
        request.body,
        digestmod=hashlib.sha256,
    ).digest()
    computed_hmac = base64.b64encode(digest)
    return hmac.compare_digest(computed_hmac, shopify_hmac_header.encode("utf-8"))

Then, create a view that accepts the incoming webhook and use theverify_shopify_webhook(...) function to verify the request.

# views.py

from django.http import HttpResponse
from django.utils.decorators import method_decorator
from django.views import View
from django.views.decorators.csrf import csrf_exempt

from .utils import verify_shopify_webhook


@method_decorator(csrf_exempt, name="dispatch")
class ShopifyWebhookView(View):
    def post(self, request, *args, **kwargs):
        verified = verify_shopify_webhook(request=request)
        return HttpResponse(status=200 if verified else 403)

If you're using Django REST Framework (https://www.django-rest-framework.org/), you can also use APIView as

# views.py

from rest_framework.views import APIView
from rest_framework.response import Response

from .utils import verify_shopify_webhook


class ShopifyWebhookView(APIView):
    def post(self, request, *args, **kwargs):
        verified = verify_shopify_webhook(request=request)
        return Response(status=200 if verified else 403)


Source

Didn't find the answer?

Our community is visited by hundreds of Shopify development professionals every day. Ask your question and get a quick answer for free.

Similar questions

Find the answer in similar questions on our website.

338 python - How to verify Shopify webhook in Django?
227 python - How to verify Shopify webhook in Django?
904 shopify - How to verify the Access Token on the Shopify_App splash Screen
924 python - Most efficient way to transform a JS React app/widget into a public shopify-app on the Shopify store
380 Shopify Webhook integrate with mule
920 python - Shopify API orders data
233 liquid - How to no-index specific pages on shopify? Don't want to use "contains" example for shopify, can I just type "="? And what denotes as the handle?
294 node.js - Shopify Webhook Real Time changing
425 python - Is there a way to filter Customers on Shopify by metafield value through the REST Admin API?
393 Validating Shopify webhook using nodejs and express

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.