From 451cc382d2b27efddd2791505f9d07307532f99a Mon Sep 17 00:00:00 2001
From: Wojciech Kubicki <wojkub1@st.amu.edu.pl>
Date: Fri, 26 May 2023 17:42:03 +0200
Subject: [PATCH] cleaned up code

---
 app.py | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/app.py b/app.py
index 9d4a352..4558a8b 100644
--- a/app.py
+++ b/app.py
@@ -6,22 +6,18 @@ import os
 
 app = Flask(__name__)
 
-# Secret key used for HMAC signature verification
 secret_token = os.environ.get('SECRET_TOKEN')
 
 @app.route('/webhook', methods=['POST'])
 def webhook():
-    # Check if the received webhook is from Git
     if request.headers.get('X-GitHub-Event') == 'push':
-        # Verify HMAC signature
+        
         signature = request.headers.get('X-Hub-Signature-256')
         if verify_signature(request.data, signature, secret_token):
             return 'Invalid HMAC signature.', 400
 
-        # Pull the latest changes from Git
         subprocess.run(['git', 'pull'])
         
-        # Restart the example_app
         subprocess.run(['systemctl', 'restart', 'restart_this_app.service'])
 
         return 'Success!', 200
@@ -32,15 +28,6 @@ def webhook():
 
 # https://docs.github.com/en/enterprise-server@3.6/webhooks-and-events/webhooks/securing-your-webhooks#python-example
 def verify_signature(payload_body, signature_header, secret_token):
-    """Verify that the payload was sent from GitHub by validating SHA256.
-    
-    Raise and return 403 if not authorized.
-    
-    Args:
-        payload_body: original request body to verify (request.body())
-        secret_token: GitHub app webhook token (WEBHOOK_SECRET)
-        signature_header: header received from GitHub (x-hub-signature-256)
-    """
     if not signature_header:
         return False