ship-webhook-handler
v1.3.0
Published
Reusable webhook handler to receive shipment updates via POST endpoint
Readme
Ship Webhook Handler
A lightweight Express middleware module to standardize receiving shipment updates via a secure webhook.
✅ Features
- Easy plug-and-play webhook for your Node.js projects
- Supports optional HMAC-SHA256 signature validation via
x-signature - Accepts
shippedDate,trackingNumber,shipTrackingNumber(or custom field names) - Updates your Mongoose model automatically
- NEW: Supports updating a second schema with otherSchemaUpdates
📦 Installation
npm install ship-webhook-handler🚀 Usage
import express from "express";
import mongoose from "mongoose";
import { registerShipUpdateWebhook } from "ship-webhook-handler";
import { IndividualPayment } from "./models/IndividualPayment";
import { OrderLog } from "./models/OrderLog";
const app = express();
app.use(express.json());
registerShipUpdateWebhook(app, {
model: IndividualPayment,
authSecret: process.env.WEBHOOK_SECRET, // optional
fieldMap: {
shippedDate: "shipDate", // override if your model uses a different field
trackingNumber: "trackingNumber",
shipTrackingNumber: "trackingCode"
},
otherFields: {
status: "SHIPPED"
},
otherSchemaUpdates: {
model: OrderLog,
fieldMap: {
shippedDate: "shippedAt",
trackingNumber: "trackingNo",
shipTrackingNumber: "carrierTrackingCode"
},
otherFields: {
updatedByWebhook: true
}
}
});
📤 Webhook Format
Send a POST request to /webhook/ship-update:
{
"shippedDate": "2024-05-20T18:30:00.000Z",
"trackingNumber": "1234567890",
"shipTrackingNumber": "UPS123456US"
}Add a header if using HMAC:
x-signature: <HMAC-SHA256 of body using secret>🔒 Security
- Enable HMAC validation using the
authSecretoption. - Protects against unauthorized webhook calls.
📜 License
MIT