How To Create Webhook Using Django

Posted By :Vikas Kumar |29th December 2021

What is webhook

A webhook is a HTTP callback that is set off on event of an occasion. They are useful in advising an occasion to various web applications on the web (or any organization). Think about the situation of a CI (persistent reconciliation) climate. The prerequisite there is that when a designer pushes his code changes to the store, the method involved with testing and sending needs to begin. This can be effectively accomplished with a webhook.

from django.views.decorators.http import require_http_methods

@require_http_methods(["GET", "POST"])
def hook_receiver_view(request):
    # Listens only for GET and POST requests
    # returns django.http.HttpResponseNotAllowed for other requests

    # Handle the event appropriately
    return HttpResponse('success')

This is only a basic view that acknowledges GET or POST solicitation. The view should deal with the occasion as required. Utilize this current View's URL in arranging the webhook in the application that creates the occasion. That is everything necessary to get set off to an occasion.

Security issues details

Any such call, by and large, will require pass some data and this will be done as a component of the GET or POST solicitation. Since this URL can be gotten to by anybody on the web and there is no confirmation required (which need not be the case consistently), we should be reproachful of the data passed as a feature of the solicitation.

The adage goes as to never believe the qualities sent from the customer. They could be coming from anyplace and could be a vindictive assault. The equivalent goes for webhooks. Anybody could be setting off the occasion. Continuously assess the solicitation to be certified.

@require_http_methods(["GET", "POST"])
def hook_receiver_view(request):
    user_id = request.GET.get('id', None)
    # Save the payment status
    payment = Payment.objects.get(user_id=user_id)
    payment.payment_successful = True
    payment.save()
    return HttpResponse('success')

However, pause. Since the client 'id' is passed as the URL boundary, we can't accept the installment of the client with id 'xyz' is fruitful. Anybody can make a GET demand with their id. Along these lines, the view should check that the client 'xyz' has for sure effectively finished the installment utilizing the API given by the installment passage administration. We should accomplish something like this.

@require_http_methods(["GET", "POST"])
def hook_receiver_view(request):
    user_id = request.GET.get('id', None)
    if payment_service.hasUserPaid(user_id): # This is where we are verifying the payment
        # Save the payment status
        payment = Payment.objects.get(user_id=user_id)
        payment.payment_successful = True
        payment.save()
    return HttpResponse('success')

Conclusion:

Django provides very easy and userfriendly environment to use webhooks. There are very few simple steps that can lead us to coordinate with some other service providers and play with their data on our app. It is not the end of the features but just a little part of django webhook integration section.


About Author

Vikas Kumar

Vikas is a seasoned backend developer with a strong expertise in Python.He possesses a wide range of skills such as Python, Django, Flask, HTML, CSS, Celery, Git, and AWS services and a solid understanding of various databases including MongoDB, PostgreSQL, MySQL, and DynamoDB. He has worked on several notable projects such as English-Chinese Language Translation, i_infinitytransformation, Political Content Moderation, Optical Character Recognition, Palmadoc: Document content extraction, Hey, Kaido, and ViralNation. Given his extensive experience and diverse skillset, he is adept at developing robust backend solutions.

Request For Proposal

[contact-form-7 404 "Not Found"]

Ready to innovate ? Let's get in touch

Chat With Us