{"id":18387,"library":"gittoken-api-middleware","title":"GitToken Express API Middleware","description":"Express middleware for validating GitHub webhook payloads using GitToken's Ethereum-based token system (v0.2.x). Provides HMAC signature verification with the webhook secret stored on-chain via ERC20 tokens. Key differentiator: integrates blockchain-based authorization directly into webhook handling, enabling token-gated CI/CD pipelines. Compatible with Express 4.x. Not suitable for non-GitHub webhooks or stateless applications. Release cadence: monthly updates.","status":"active","version":"0.2.22","language":"javascript","source_language":"en","source_url":"ssh://git@github.com/git-token/api-middleware","tags":["javascript","GitToken","Ethereum","ERC20","GitHub","Git"],"install":[{"cmd":"npm install gittoken-api-middleware","lang":"bash","label":"npm"},{"cmd":"yarn add gittoken-api-middleware","lang":"bash","label":"yarn"},{"cmd":"pnpm add gittoken-api-middleware","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Express middleware framework","package":"express","optional":false},{"reason":"Ethereum interaction","package":"web3","optional":false}],"imports":[{"note":"ESM default export; require() needs .default","wrong":"const gittokenApiMiddleware = require('gittoken-api-middleware').default","symbol":"gittokenApiMiddleware","correct":"import gittokenApiMiddleware from 'gittoken-api-middleware'"}],"quickstart":{"code":"import express from 'express';\nimport gittokenApiMiddleware from 'gittoken-api-middleware';\n\nconst app = express();\nconst contractAddress = process.env.GTK_CONTRACT_ADDRESS ?? '0x...';\nconst accountKey = process.env.GTK_ACCOUNT_KEY ?? '';\n\napp.post('/webhook', express.raw({type: 'application/json'}), gittokenApiMiddleware({ contractAddress, accountKey }), (req, res) => {\n  const payload = JSON.parse(req.body);\n  console.log('Valid webhook:', payload);\n  res.status(200).end();\n});\n\napp.listen(3000, () => console.log('Server running'));","lang":"javascript","description":"Sets up Express server with GitToken middleware validating GitHub webhooks using on-chain secret."},"warnings":[{"fix":"Use express.raw() or body-parser with verify option to keep raw buffer","message":"Middleware requires raw body to be parsed after the middleware, not before","severity":"gotcha","affected_versions":">=0.1.0"},{"fix":"Pin exact version in package.json","message":"Version 0.x may change API without notice","severity":"deprecated","affected_versions":">=0.0.0 <1.0.0"}],"env_vars":null,"last_verified":"2026-04-25T00:00:00.000Z","next_check":"2026-07-24T00:00:00.000Z","problems":[{"fix":"Use const { default: gittokenApiMiddleware } = require('gittoken-api-middleware');","cause":"Default import mismatch when using CommonJS","error":"TypeError: gittokenApiMiddleware is not a function"},{"fix":"Ensure express.raw() is used before middleware and body is JSON","cause":"Raw body not passed to middleware correctly","error":"Invalid webhook signature"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}