#A7U-signature-verification

Are you using any middleware that could be modifying the raw body of the request?

Hm I don't think so, let me recheck

Nope, I'm using NextJS but I don't think it does anything to the raw body in the background. Does the body come beautified already from stripe or no?

here's how I'm getting the body and signature

bottom is sig

wait

// Use body-parser to retrieve the raw body as a buffer
const bodyParser = require('body-parser');``` as a buffer, that might be it 🤔

ah that's definitely it

This is a super common problem that others using node have hit - I'd suggest reading through some of the suggestions here (https://github.com/stripe/stripe-node/issues/341) and the suggestion here (https://github.com/stripe/stripe-node/issues/1294) may also be helpful since that one specifically mentions nextjs

will check it out thanks, and I've just noticed something. Verifying signature shouldn't be written in my webhook code 🤔

What do you mean?

app.post('/webhook', bodyParser.raw({type: 'application/json'}), (request, response) => {```
it's sending a post request to `/webhook`

or am I reading this in a wrong way

Signature verification is happening when you call stripe.webhooks.constructEvent(req.body, sig, endpointSecret); - which I assume it being called when you hit /webhook

I think I got it

yup I got it, the 2nd link that u sent me on github helped

thank you!

👍 happy to help!

so now when the request was sent from a party other than stripe, const event will give an error right?

yup! that's the idea 🙂