shellphone.app/app/messages/api/webhook/incoming-message.ts

import type { BlitzApiRequest, BlitzApiResponse } from "blitz";
import { getConfig } from "blitz";
import twilio from "twilio";

import type { ApiError } from "../../../_types";
import appLogger from "../../../../integrations/logger";
import db from "../../../../db";
import insertIncomingMessageQueue from "../queue/insert-incoming-message";

const logger = appLogger.child({ route: "/api/webhook/incoming-message" });
const { serverRuntimeConfig } = getConfig();

export default async function incomingMessageHandler(req: BlitzApiRequest, res: BlitzApiResponse) {
	if (req.method !== "POST") {
		const statusCode = 405;
		const apiError: ApiError = {
			statusCode,
			errorMessage: `Method ${req.method} Not Allowed`,
		};
		logger.error(apiError);

		res.setHeader("Allow", ["POST"]);
		res.status(statusCode).send(apiError);
		return;
	}

	const twilioSignature = req.headers["X-Twilio-Signature"] || req.headers["x-twilio-signature"];
	if (!twilioSignature || Array.isArray(twilioSignature)) {
		const statusCode = 400;
		const apiError: ApiError = {
			statusCode,
			errorMessage: "Invalid header X-Twilio-Signature",
		};
		logger.error(apiError);

		res.status(statusCode).send(apiError);
		return;
	}

	const body: Body = req.body;
	try {
		const phoneNumbers = await db.phoneNumber.findMany({
			where: { number: body.To },
			include: { organization: true },
		});
		if (phoneNumbers.length === 0) {
			// phone number is not registered by any organization
			res.status(500).end();
			return;
		}

		const url = `https://${serverRuntimeConfig.app.baseUrl}/api/webhook/incoming-message`;
		const phoneNumber = phoneNumbers.find((phoneNumber) => {
			// if multiple organizations have the same number
			// find the organization currently using that phone number
			// maybe we shouldn't let multiple organizations use the same phone number
			const authToken = phoneNumber.organization.twilioAuthToken ?? "";
			return twilio.validateRequest(authToken, twilioSignature, url, req.body);
		});
		if (!phoneNumber) {
			const statusCode = 400;
			const apiError: ApiError = {
				statusCode,
				errorMessage: "Invalid webhook",
			};
			logger.error(apiError);

			res.status(statusCode).send(apiError);
			return;
		}

		const messageSid = body.MessageSid;
		const organizationId = phoneNumber.organization.id;
		const phoneNumberId = phoneNumber.id;
		await insertIncomingMessageQueue.enqueue(
			{
				messageSid,
				organizationId,
				phoneNumberId,
			},
			{ id: `insert-${messageSid}-${organizationId}-${phoneNumberId}` },
		);

		res.setHeader("content-type", "text/html");
		res.status(200).send("<Response></Response>");
	} catch (error) {
		const statusCode = error.statusCode ?? 500;
		const apiError: ApiError = {
			statusCode,
			errorMessage: error.message,
		};
		logger.error(error);

		res.status(statusCode).send(apiError);
	}
}

type Body = {
	ToCountry: string;
	ToState: string;
	SmsMessageSid: string;
	NumMedia: string;
	ToCity: string;
	FromZip: string;
	SmsSid: string;
	FromState: string;
	SmsStatus: string;
	FromCity: string;
	Body: string;
	FromCountry: string;
	To: string;
	ToZip: string;
	NumSegments: string;
	MessageSid: string;
	AccountSid: string;
	From: string;
	ApiVersion: string;
};
keypad and settings pages 2021-07-31 17:22:48 +00:00			`import type { BlitzApiRequest, BlitzApiResponse } from "blitz";`
insert incoming message in the background 2021-08-01 10:54:51 +00:00			`import { getConfig } from "blitz";`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`import twilio from "twilio";`
migrate to blitzjs 2021-07-31 14:33:18 +00:00
move files around 2021-08-12 13:52:52 +00:00			`import type { ApiError } from "../../../_types";`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`import appLogger from "../../../../integrations/logger";`
insert incoming message in the background 2021-08-01 10:54:51 +00:00			`import db from "../../../../db";`
			`import insertIncomingMessageQueue from "../queue/insert-incoming-message";`
migrate to blitzjs 2021-07-31 14:33:18 +00:00
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`const logger = appLogger.child({ route: "/api/webhook/incoming-message" });`
insert incoming message in the background 2021-08-01 10:54:51 +00:00			`const { serverRuntimeConfig } = getConfig();`
migrate to blitzjs 2021-07-31 14:33:18 +00:00
keypad and settings pages 2021-07-31 17:22:48 +00:00			`export default async function incomingMessageHandler(req: BlitzApiRequest, res: BlitzApiResponse) {`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`if (req.method !== "POST") {`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`const statusCode = 405;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`const apiError: ApiError = {`
			`statusCode,`
			errorMessage: `Method ${req.method} Not Allowed`,
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`};`
			`logger.error(apiError);`
migrate to blitzjs 2021-07-31 14:33:18 +00:00
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`res.setHeader("Allow", ["POST"]);`
			`res.status(statusCode).send(apiError);`
			`return;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`}`

reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`const twilioSignature = req.headers["X-Twilio-Signature"] \|\| req.headers["x-twilio-signature"];`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`if (!twilioSignature \|\| Array.isArray(twilioSignature)) {`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`const statusCode = 400;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`const apiError: ApiError = {`
			`statusCode,`
			`errorMessage: "Invalid header X-Twilio-Signature",`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`};`
			`logger.error(apiError);`
migrate to blitzjs 2021-07-31 14:33:18 +00:00
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`res.status(statusCode).send(apiError);`
			`return;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`}`

insert incoming message in the background 2021-08-01 10:54:51 +00:00			`const body: Body = req.body;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`try {`
multi tenancy stuff 2021-08-05 17:07:15 +00:00			`const phoneNumbers = await db.phoneNumber.findMany({`
			`where: { number: body.To },`
			`include: { organization: true },`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`});`
multi tenancy stuff 2021-08-05 17:07:15 +00:00			`if (phoneNumbers.length === 0) {`
			`// phone number is not registered by any organization`
replace early returns with NotFoundError test /api/webhook/incoming-message 2021-08-02 13:43:27 +00:00			`res.status(500).end();`
handle incoming sms 2021-08-01 10:36:32 +00:00			`return;`
			`}`

insert incoming message in the background 2021-08-01 10:54:51 +00:00			const url = `https://${serverRuntimeConfig.app.baseUrl}/api/webhook/incoming-message`;
multi tenancy stuff 2021-08-05 17:07:15 +00:00			`const phoneNumber = phoneNumbers.find((phoneNumber) => {`
			`// if multiple organizations have the same number`
			`// find the organization currently using that phone number`
			`// maybe we shouldn't let multiple organizations use the same phone number`
			`const authToken = phoneNumber.organization.twilioAuthToken ?? "";`
			`return twilio.validateRequest(authToken, twilioSignature, url, req.body);`
			`});`
			`if (!phoneNumber) {`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`const statusCode = 400;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`const apiError: ApiError = {`
			`statusCode,`
			`errorMessage: "Invalid webhook",`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`};`
			`logger.error(apiError);`
migrate to blitzjs 2021-07-31 14:33:18 +00:00
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`res.status(statusCode).send(apiError);`
			`return;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`}`

handle incoming sms 2021-08-01 10:36:32 +00:00			`const messageSid = body.MessageSid;`
multi tenancy stuff 2021-08-05 17:07:15 +00:00			`const organizationId = phoneNumber.organization.id;`
			`const phoneNumberId = phoneNumber.id;`
			`await insertIncomingMessageQueue.enqueue(`
			`{`
			`messageSid,`
			`organizationId,`
			`phoneNumberId,`
			`},`
			{ id: `insert-${messageSid}-${organizationId}-${phoneNumberId}` },
			`);`
insert incoming message in the background 2021-08-01 10:54:51 +00:00
replace early returns with NotFoundError test /api/webhook/incoming-message 2021-08-02 13:43:27 +00:00			`res.setHeader("content-type", "text/html");`
			`res.status(200).send("<Response></Response>");`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`} catch (error) {`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`const statusCode = error.statusCode ?? 500;`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`const apiError: ApiError = {`
			`statusCode,`
			`errorMessage: error.message,`
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`};`
			`logger.error(error);`
migrate to blitzjs 2021-07-31 14:33:18 +00:00
reformat with prettier with semicolons and tabs 2021-07-31 15:57:43 +00:00			`res.status(statusCode).send(apiError);`
migrate to blitzjs 2021-07-31 14:33:18 +00:00			`}`
			`}`

handle incoming sms 2021-08-01 10:36:32 +00:00			`type Body = {`
			`ToCountry: string;`
			`ToState: string;`
			`SmsMessageSid: string;`
			`NumMedia: string;`
			`ToCity: string;`
			`FromZip: string;`
			`SmsSid: string;`
			`FromState: string;`
			`SmsStatus: string;`
			`FromCity: string;`
			`Body: string;`
			`FromCountry: string;`
			`To: string;`
			`ToZip: string;`
			`NumSegments: string;`
			`MessageSid: string;`
			`AccountSid: string;`
			`From: string;`
			`ApiVersion: string;`
			`};`