package public import ( "net/http" "time" "github.com/gin-gonic/gin" "github.com/mattnite/forgejo-tickets/internal/forgejo" "github.com/mattnite/forgejo-tickets/internal/models" "github.com/rs/zerolog/log" ) type WebhookHandler struct { deps Dependencies } func (h *WebhookHandler) HandleForgejoWebhook(c *gin.Context) { repoSlug := c.Param("repoSlug") var repo models.Repo if err := h.deps.DB.Where("slug = ?", repoSlug).First(&repo).Error; err != nil { log.Error().Msgf("webhook: unknown repo slug %q", repoSlug) c.String(http.StatusNotFound, "Unknown repo") return } body, err := forgejo.VerifyWebhookSignature(c.Request, repo.WebhookSecret) if err != nil { log.Error().Err(err).Msgf("webhook: signature verification failed for %q", repoSlug) c.String(http.StatusUnauthorized, "Invalid signature") return } if !repo.WebhookVerified { now := time.Now() h.deps.DB.Model(&repo).Updates(map[string]interface{}{ "webhook_verified": true, "webhook_verified_at": now, }) log.Info().Msgf("webhook: marked repo %q as verified", repoSlug) } payload, err := forgejo.ParseWebhookPayload(body) if err != nil { log.Error().Err(err).Msg("webhook: parse error") c.String(http.StatusBadRequest, "Invalid payload") return } // Determine event type from header eventType := c.GetHeader("X-Forgejo-Event") switch eventType { case "issues": h.handleIssueEvent(c, &repo, payload) case "issue_comment": h.handleCommentEvent(c, &repo, payload) default: // For unrecognized events or legacy (no header), try issue events if payload.Action == "closed" || payload.Action == "reopened" { h.handleIssueEvent(c, &repo, payload) } else { c.Status(http.StatusOK) } } } func (h *WebhookHandler) handleIssueEvent(c *gin.Context, repo *models.Repo, payload *forgejo.WebhookPayload) { if payload.Action != "closed" { c.Status(http.StatusOK) return } var ticket models.Ticket if err := h.deps.DB.Where("repo_id = ? AND forgejo_issue_number = ?", repo.ID, payload.Issue.Number).First(&ticket).Error; err != nil { log.Info().Msgf("webhook: no ticket found for repo %s issue #%d", repo.Slug, payload.Issue.Number) c.Status(http.StatusOK) return } // Send email notification to ticket owner var user models.User if err := h.deps.DB.First(&user, "id = ?", ticket.UserID).Error; err == nil { go func() { if err := h.deps.EmailClient.SendTicketClosedNotification( user.Email, user.Name, payload.Issue.Title, ticket.ID.String(), ); err != nil { log.Error().Err(err).Msg("webhook: send notification error") } }() } c.Status(http.StatusOK) } func (h *WebhookHandler) handleCommentEvent(c *gin.Context, repo *models.Repo, payload *forgejo.WebhookPayload) { if payload.Action != "created" { c.Status(http.StatusOK) return } // Skip comments posted by the bot (customer comments) if payload.Comment.User.Login == h.deps.ForgejoClient.BotLogin { c.Status(http.StatusOK) return } // This is a team reply — find the ticket and notify the customer var ticket models.Ticket if err := h.deps.DB.Where("repo_id = ? AND forgejo_issue_number = ?", repo.ID, payload.Issue.Number).First(&ticket).Error; err != nil { log.Info().Msgf("webhook: no ticket found for repo %s issue #%d", repo.Slug, payload.Issue.Number) c.Status(http.StatusOK) return } var user models.User if err := h.deps.DB.First(&user, "id = ?", ticket.UserID).Error; err == nil { go func() { if err := h.deps.EmailClient.SendTicketReplyNotification( user.Email, user.Name, payload.Issue.Title, ticket.ID.String(), ); err != nil { log.Error().Err(err).Msg("webhook: send reply notification error") } }() } c.Status(http.StatusOK) }