// Webhook for inbound SMS on POST /twilio.
// (Excerpt: the listing ends before the branch that handles a failed signature
// check and before the handler is closed.)
app.post('/twilio', function (request, response) {
// Verify the Twilio request signature using the account auth token and the
// configured webhook URL; the code below runs only when the check passes.
if (twilio.validateExpressRequest(request, personalData.twilio.auth_token, {url: personalData.twilio.smsWebhook})) {
// Copy only the three fields that are used from the form body.
var messageForRedis = {
smsText: request.body.Body,
smsTo: request.body.To,
smsFrom: request.body.From
};
// NOTE(review): this writes the sender's number and the message text to the
// log, and both values are sender-controlled. Confirm that is acceptable for
// what these logs are allowed to hold.
console.log(messageForRedis.smsFrom, messageForRedis.smsText);
// From here on the variable holds the JSON string, not the object.
messageForRedis = JSON.stringify(messageForRedis);
// Tell Twilio we got the message, and reply to the sender
// NOTE(review): the bodies sent below are plain strings although the header
// announces text/xml; confirm the receiver handles that as intended.
response.header('Content-Type', 'text/xml');
if (robotSubscribers.length > 0) {
// robotSubscribers is non-empty: emit the message as a 'newMessage' event.
socket.sockets.emit('newMessage', messageForRedis);
response.send('Got it!');
} else {
// Save the message in REDIS
// (appended to the end of the list stored under the key "twilio")
client.rpush("twilio", messageForRedis);
response.send('Sorry, nobody is home, try again later.');
// SMS voting webhook: looks up the event registered for the destination number.
// (Excerpt: the listing ends inside the findBy callback.)
exports.voteSMS = function(request, response) {
// The request is accepted when the Twilio signature verifies OR when
// config.disableTwilioSigCheck is truthy. With the flag set, nothing visible in
// this handler authenticates the caller, so Body/To/From are whatever the
// client sent, including the From value used to limit repeat votes.
// NOTE(review): make sure the flag cannot be enabled in a deployed configuration.
if (twilio.validateExpressRequest(request, config.twilio.key, {url: config.twilio.smsWebhook}) || config.disableTwilioSigCheck) {
response.header('Content-Type', 'text/xml');
// NOTE(review): if the Body parameter is absent, .trim() presumably throws
// here; confirm how request.param reports a missing value.
var body = request.param('Body').trim();
// the number the vote is being sent to (this should match an Event)
var to = request.param('To');
// the voter, use this to keep people from voting more than once
var from = request.param('From');
// Find the event whose 'phonenumber' field equals the destination number.
events.findBy('phonenumber', to, function(err, event) {
if (err) {
console.log(err);
// silently fail for the user
response.send('');
}
// No statements are visible for the "off" state in this excerpt.
else if (event.state == "off") {
}
// (Excerpt from the middle of a handler; the enclosing function is not shown.)
// NOTE(review): the fields below are read from req.body before the signature
// check further down, so a request that lacks To or Body would presumably throw
// here before it has been authenticated. Confirm how that is handled.
// Keep only the digits of the destination number.
let toNumber = req.body.To.replace(/\D+/g, '');
// A 10-digit number gets a leading "1" prepended.
if (toNumber.length == 10) {
toNumber = `1${toNumber}`;
}
// Remove single and double quote characters, then trim surrounding whitespace.
const text = req.body.Body.replace(/["']/g, '').trim();
const MessageStatus = req.body.SmsStatus;
const MessageSID = req.body.MessageSid;
// validateRequest returns true if the request originated from Twilio
// TODO: Is there a better way than manually setting the protocol to https?
const opts = { protocol: 'https' };
// NOTE: We may need to add our own host because a port number gets added
// to the host during tests, which causes tests to fail because the
// Twilio signature we've baked into the tests doesn't match.
let validationPasses = twilio.validateExpressRequest(
req,
credentials.authToken,
opts
);
// TODO: should mock validation passing in tests instead of doing this here
// NOTE(review): this is a fail-open path inside the request handler. Any
// deployment whose credentials.CCENV is 'testing' accepts requests that failed
// signature validation. Confirm that value can never be set in production.
if (!validationPasses && credentials.CCENV == 'testing') {
validationPasses = true;
// `.red` is presumably provided by a string-colouring package; verify.
console.log('Letting tests pass even though validation has failed!'.red);
}
if (validationPasses) {
// Log IBM Sensitivity measures
// NOTE(review): the whole request body is passed to this helper. Confirm where
// it sends or stores the message content.
SentimentAnalysis.logIBMSentimentAnalysis(req.body);
let communication, conversations, clients, messages;
/**
 * Decides whether a request may be processed as a genuine Twilio webhook call.
 *
 * When NODE_ENV is exactly 'production', the Twilio signature is verified
 * against the function's public cloudfunctions.net URL for `pathname`. For any
 * other NODE_ENV value the check is skipped and the request is accepted.
 *
 * NOTE(review): this is fail-open. A deployment where NODE_ENV is unset or
 * misspelled accepts unsigned requests. Confirm the runtime always sets it.
 *
 * @param {object} req - Express request passed to the Twilio validator.
 * @param {object} res - Express response; receives a 403 when validation fails.
 * @param {string} pathname - Function name appended to the webhook URL.
 * @returns {boolean} Result of the check (true when the check is skipped).
 */
function isValidRequest (req, res, pathname) {
  const inProduction = process.env.NODE_ENV === 'production';

  // Signature verification only happens for production deployments.
  const fromTwilio = inProduction
    ? twilio.validateExpressRequest(req, config.TWILIO_AUTH_TOKEN, {
      url: `https://${region}-${projectId}.cloudfunctions.net/${pathname}`
    })
    : true;

  if (fromTwilio) {
    return fromTwilio;
  }

  // Not signed by Twilio: answer with 403 and let the caller stop.
  res
    .type('text/plain')
    .status(403)
    .send('Twilio Request Validation Failed.')
    .end();

  return fromTwilio;
}
// HTTP function that answers an inbound SMS.
// (Excerpt: the listing ends right after the response object is created.)
exports.reply = (req, res) => {
let isValid = true;
// Only validate that requests came from Twilio when the function has been
// deployed to production.
// NOTE(review): this is fail-open. For any NODE_ENV value other than
// 'production' (including unset), isValid stays true and unsigned requests are
// processed. Confirm the deployed runtime always sets NODE_ENV to 'production'.
if (process.env.NODE_ENV === 'production') {
// The signature is checked against the function's public URL, built from
// region and projectId, rather than a URL derived from the request.
isValid = twilio.validateExpressRequest(req, config.TWILIO_AUTH_TOKEN, {
url: `https://${region}-${projectId}.cloudfunctions.net/reply`
});
}
// Halt early if the request was not sent from Twilio
if (!isValid) {
res
.type('text/plain')
.status(403)
.send('Twilio Request Validation Failed.')
.end();
return;
}
// Prepare a response to the SMS message
const response = new MessagingResponse();
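/**
 * Inbound SMS webhook: forwards the message text to self.channel once the
 * request has been accepted as coming from Twilio.
 *
 * A request is accepted when self.opts.bypassTwilioValidate is truthy or the
 * Twilio signature verifies against self.opts.twilio.authToken. With the bypass
 * enabled nothing here authenticates the caller, so it should stay off in any
 * deployment reachable from the network.
 *
 * Rejected requests get HTTP 403 with a generic body. The hint about the
 * bypass option goes to the local log only, not to the unauthenticated caller.
 */
app.post('/', function (req, res) {
  var isTrusted = self.opts.bypassTwilioValidate ||
    Twilio.validateExpressRequest(req, self.opts.twilio.authToken);

  if (!isTrusted) {
    var msg = 'Not verified as being from Twilio! (You may want to turn on bypassTwilioValidate if you keep getting this.)';
    console.log('Error: ' + msg);
    // Mark the rejection with a status code, not a 200 that looks like success.
    res.status(403).send('Twilio Request Validation Failed.');
    return;
  }

  if (req.body.Body) {
    console.log('[RECEIVED]', req.body.Body);
    self.channel.send(req.body.Body);
  }
  // An empty body tells Twilio there is nothing to send back.
  res.send('');
});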
// Inbound SMS/MMS webhook: forwards the text, plus up to two media URLs, to
// self.channel. (Excerpt: the listing ends at the start of the rejection branch.)
app.post('/', function (req, res) {
// The request is accepted when bypassTwilioValidate is truthy OR the Twilio
// signature verifies. With the bypass enabled, nothing visible here
// authenticates the caller.
// NOTE(review): keep the bypass off in any deployment reachable from the network.
if (self.opts.bypassTwilioValidate || Twilio.validateExpressRequest(req, self.opts.twilio.authToken)) {
// NOTE(review): media URLs are appended only inside this Body check, so a
// message with media but an empty Body is not forwarded. Confirm that is intended.
if(req.body.Body) {
var body = req.body.Body;
// Append the first and second media URLs when present, separated by a space.
if(req.body.MediaUrl0) {
body += " " + req.body.MediaUrl0;
}
if(req.body.MediaUrl1) {
body += " " + req.body.MediaUrl1;
}
console.log('[RECEIVED]', body);
self.channel.send(body);
}
// Reply with an empty body whether or not anything was forwarded.
res.send("");
} else {
.then(function() {
// (Excerpt from the middle of a promise chain; earlier and later steps are not shown.)
// This step does nothing further unless opts.valid is truthy.
if (!opts.valid) return;
// NOTE(review): the leading `false &&` short-circuits this condition, so
// validateExpressRequest is never called and the 403 below can never be thrown.
// As written, this step performs no signature verification. It looks like a
// debugging leftover. Confirm, and remove the `false &&` if so.
if (false && !Twilio.validateExpressRequest(req, config.twilio.token, { url: rurl })) {
var e = new Error("Twilio Request Validation Failed.")
e.status = 403;
throw e;
}
})
.then(function() {
// Voice webhook: renders the 'voice' view for accepted requests.
// (Excerpt: continues a declaration list whose start is not shown.)
, voteVoice = exports.voteVoice = function(request, response) {
// The request is accepted when the Twilio signature verifies OR when
// config.twilio.disableSigCheck is truthy. With the flag set, the caller is not
// authenticated at all.
// NOTE(review): no `url` option is passed, so the validator presumably derives
// the URL from the request itself. Behind a proxy or TLS terminator, confirm
// that matches the URL Twilio signed.
if (twilio.validateExpressRequest(request, config.twilio.key) || config.twilio.disableSigCheck) {
response.header('Content-Type', 'text/xml');
response.render('voice');
}
else {
// NOTE(review): no status code is set here, so the rejection is presumably
// sent with the default success status. Consider marking it as 403.
response.render('forbidden');
}
}