Create a webhook receiver service that accepts POST requests from external services, validates webhook signatures, and processes events asynchronously.

Project Checklist

• Create endpoint to receive webhook POST requests
• Implement webhook signature verification
• Parse and validate webhook payload
• Store webhook events in database
• Process webhooks asynchronously
• Return appropriate HTTP responses

Bonus Project Checklist Items

• Add webhook retry mechanism
• Implement webhook filtering/routing
• Create webhook event replay functionality
• Add webhook testing/debugging tools
• Implement webhook event transformation
• Create webhook monitoring dashboard

Inspiration (Any companies/libraries similar)

• Stripe Webhooks
• GitHub Webhooks
• Zapier

Hint/Code snippet to start

const crypto = require('crypto');

function verifyWebhookSignature(payload, signature, secret) {
  const hmac = crypto.createHmac('sha256', secret);
  const digest = hmac.update(payload).digest('hex');
  return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(digest));
}

app.post('/webhook', express.raw({ type: 'application/json' }), (req, res) => {
  const signature = req.headers['x-webhook-signature'];
  if (!verifyWebhookSignature(req.body, signature, process.env.WEBHOOK_SECRET)) {
    return res.status(401).send('Invalid signature');
  }
  const event = JSON.parse(req.body);
  processWebhookEvent(event);
  res.status(200).send('OK');
});