Rust
If you want to verify Lagom micro transactions directly from your Rust server, you can use the following function.
This is a function we use on the Fastly Compute at Edge service that runs our demo website. It comes with a few dependencies, feel free to explore the repository to learn more about how to integrate this on your platform.
fn lagom_verify(req: &Request, page: &str, amount: i64) -> Result<(), Error> {
// extract callback params from URL, decode and parse
let lguid = req.get_query_parameter("lguid").unwrap_or_default();
let lgts = req.get_query_parameter("lgts").unwrap_or_default();
let lgsig = req.get_query_parameter("lgsig").unwrap_or_default();
let lgid = req.get_query_parameter("lgid").unwrap_or_default();
let lgamt = req.get_query_parameter("lgamt").unwrap_or_default();
// verify timestamp freshness
if chrono::Utc::now().timestamp() > lgts.parse::<i64>()? + 10 {
return err("This link has expired");
}
// check amount and page
if lgamt.parse::<i64>()? != amount || req.get_path() != page {
return err("This link is not valid");
}
// verify signature with pre shared secret
let verif = lguid.to_string() + lgid + lgts + page + lgamt;
let good = hmac_sha256::HMAC::mac(&verif.as_bytes(), SECRET);
if lgsig != hex::encode(good) {
return err("This link is not valid");
}
Ok(())
}