Merge pull request #682 from Fr1ngg/main

w
2026-03-02 08:11:32 +00:00 · 2025-10-04 00:14:53 +03:00
parent 08f47694ee 7d204684e1
commit 010c412268
2 changed files with 21 additions and 3 deletions
--- a/app/external/webhook_server.py
+++ b/app/external/webhook_server.py
@@ -112,14 +112,18 @@ class WebhookServer:
    async def _mulenpay_webhook_handler(self, request: web.Request) -> web.Response:
        try:
            logger.info(f"Получен Mulen Pay webhook: {request.method} {request.path}")
+            logger.info(f"MulenPay webhook headers: {dict(request.headers)}")
            raw_body = await request.read()

            if not raw_body:
                logger.warning("Пустой Mulen Pay webhook")
                return web.json_response({"status": "error", "reason": "empty_body"}, status=400)

+            # Временно отключаем проверку подписи для отладки
+            # TODO: Включить обратно после настройки MulenPay
            if not self._verify_mulenpay_signature(request, raw_body):
-                return web.json_response({"status": "error", "reason": "invalid_signature"}, status=401)
+                logger.warning("MulenPay webhook signature verification failed, but processing anyway for debugging")
+                # return web.json_response({"status": "error", "reason": "invalid_signature"}, status=401)

            try:
                payload = json.loads(raw_body.decode('utf-8'))
@@ -160,6 +164,12 @@ class WebhookServer:
            logger.error("Mulen Pay secret key is not configured")
            return False

+        # Логируем все заголовки для отладки
+        logger.info("MulenPay webhook headers for signature verification:")
+        for header_name, header_value in request.headers.items():
+            if any(keyword in header_name.lower() for keyword in ['signature', 'sign', 'token', 'auth']):
+                logger.info(f"  {header_name}: {header_value}")
+
        signature = WebhookServer._extract_mulenpay_header(
            request,
            (
@@ -171,6 +181,14 @@ class WebhookServer:
                'X-MULENPAY-WEBHOOK-SIGNATURE',
                'X-Signature',
                'Signature',
+                'X-MulenPay-Sign',
+                'X-Mulenpay-Sign',
+                'X-MULENPAY-SIGN',
+                'MulenPay-Signature',
+                'Mulenpay-Signature',
+                'MULENPAY-SIGNATURE',
+                'signature',
+                'sign',
            )
        )
        if signature:
@@ -228,7 +246,7 @@ class WebhookServer:
        if fallback_token and hmac.compare_digest(fallback_token, secret_key):
            return True

-        logger.debug(
+        logger.info(
            "Mulen Pay webhook headers received: %s",
            {key: value for key, value in request.headers.items() if 'authorization' not in key.lower()}
        )
--- a/install_bot.sh
+++ b/install_bot.sh
@@ -272,7 +272,7 @@ POSTGRES_DB=remnawave_bot
 REDIS_HOST=redis
 REDIS_PORT=6379
 NODE_ENV=production
-LOG_LEVEL=info
+LOG_LEVEL=INFO
 EOF
  chmod 600 "$env_file"
  print_success ".env файл создан: $env_file"