Webhook Handler

import { verifyWebhookSignature } from "rooaak";

export async function POST(req: Request) {
  const rawBody = await req.text();
  const signature = req.headers.get("x-rooaak-signature") ?? "";

  const valid = await verifyWebhookSignature(
    rawBody,
    signature,
    process.env.ROOAAK_WEBHOOK_SECRET!
  );

  if (!valid) return new Response("invalid signature", { status: 401 });

  const event = JSON.parse(rawBody);
  // handle event.event + event.data
  return new Response("ok", { status: 200 });
}