Webhooks run a large portion of the "magic" that happens between applications. They are sometimes called reverse APIs, callbacks, and even notifications. Many services, such as SendGrid, Stripe, Slack, and GitHub use events to send webhooks as part of their API. This allows your application to listen for events and perform actions when they happen.
In a previous article, we looked at how toĀ consume webhooks with Node.js and Express. In this article we'll look at how you can listen for webhooks using Python (v3+) with theĀ FlaskĀ orĀ DjangoĀ frameworks.
This guide assumes you have Python v3 installed on your machine. You can find details on installing python at theĀ official downloads page. Depending on your setup, theĀ
pythonpython3You can confirm the installed version by running the following from the terminal:
python --versionor, if that displays a version below 3:
python3 --versionWhat is a webhook
Webhooks are called reverse APIs for a reason. Instead of your application sending a request to the API, the API sends the request to your application. While the concept may sound different, the way that we consume webhooks is the same way that an API consumes a request.
In most web frameworks, there is the concept of a route. A route allows the application to respond with specific content or data when the user visits a specific URL. The same idea applies to APIs.
When you send a request to GitHub for details about a specific organization, such asĀ
https://api.github.com/orgs/Bearer/orgs/:org:orgThe same concept is applied when receiving webhooks. We establish a route, tell the service where to send the data, and our application sits and waits until a request comes in to that route. There are a few consistencies across webhook implementations.
- They are normallyĀ
Ā requests.POST - They receive JSON data.
- They need to respond quickly.
Some APIs will require that your application respond within a certain amount of time, otherwise the event will be re-sent. For example, theĀ Slack APIĀ expects a response back within three seconds.
Receive a webhook with Flask
TheĀ Flask frameworkĀ is a lightweight Python web framework that describes itself as "micro". This allows you to use just what you need, then add more structure later as your project grows.
For our purposes, this is great as we are only concerned with routing. Make sure Python is installed, then run the following command in your terminal to install flask:
python -m pip install FlaskYou can find full installation and setup details on at theĀ Flask documentation.
Next, create aĀ
.pymain.pyfrom flask import Flask, request, Response
app = Flask(__name__)
@app.route('/webhook', methods=['POST'])
def respond():
print(request.json);
return Response(status=200)This code imports the Flask class along with the request and Response objects. Then instantiates it with a name ofĀ
__name__appNext, we use theĀ
@app.routePOST/webhookrespondFor the purpose of this example, weĀ
printResponseexport FLASK_APP=main.py
python -m flask runThats's it! We now have an app that listens for a webhook with python and flask. Once deployed,Ā
POSTrespondFor example:Ā
https://exampledomain.com/webhook.Receive a webhook with Django
Setting up an application in Django is more automated than Flask, but that also comes with a more elaborate file structure. As a more traditional Model-View-Controller (MVC) framework, Django scaffolds out the main parts of the project for you. A full installation guide is available onĀ the official Django documentation page, but it can also be installed withĀ
pippython -m pip install DjangoIf you're setting up a project from scratch, use theĀ
django-admindjango-admin startproject example-projectThis sets up the basis for a new Django project. Navigate to the newly created folder, and you should see a structure similar to the following:
example-project/
manage.py
example-project/
__init__.py
settings.py
urls.py
asgi.py
wsgi.pyWe can confirm that everything worked by runningĀ
python manage.py runserverDjango's convention is to set up "apps" within this outer "project". You can avoid this and set up a single-app project by runningĀ
django-admin startproject example-project .To do that, we'll set up an "app" calledĀ webhooks.
python manage.py startapp webhooksThis creates a new directory calledĀ webhooks. Great! Now we can write some code.
We'll be focused on three files:
webhooks/views.pywebhooks/urls.py example-site/urls.pyOpen the fileĀ
webhooks/views.pyfrom django.http import HttpResponse
from django.views.decorators.http import require_POST
@require_POST
def example(request):
return HttpResponse('Hello, world. This is the webhook response.')This code does the following:
- It imports theĀ
Ā object that will be used to send a response.HttpResponse - It imports a special decorator to limit the request method. In Django, routes accept all HTTP methods by default and let the views manage which methods they respond to.
- Calls the decorator to limit the function that follows to only theĀ
Ā method.POST - Defines a function, namedĀ
Ā that takes the request as an argument and returns a response.example
ThisĀ
exampleurls.pyNext, createĀ
webhooks/urls.pyfrom django.urls import path
from . import views
urlpatterns = [
path('example/', views.example)
]Here, we importĀ
pathdjango.urlsFinally,Ā
urlpatternsIn this instance, we define a path that targetsĀ
example/views.exampleviews.pyWith this done, our application works, but we need to tell the outer project about it. OpenĀ
example-project/urls.pyadminurlpatterns = [
path('admin/', admin.site.urls),
path('webhooks/', include('webhooks.urls'))
]If your server stopped, run it again withĀ
python manage.py runserverNow try making a POST request to
http://127.0.0.1:8000/webhooks/example/ With that, we have set up a Django project that listens for a webhook atĀ
/webhooks/exampleTesting webhooks locally
To test webhooks locally without deploying, we need to open up a connection from our development machine to the outside world.
One option is to useĀ ngrok. This service allows you to provide outside access to a specific port on your local machine. This works great for our needs. To get started, sign up and follow the installation and getting started instructions.
Once done, if you're on MacOS, you should be able to runĀ
./ngrok http 3000Once up and running, ngrok will provide you with a url that you can use to test your webhook. In Bearer, we provide a "test" button in our Notification settings.
Once configured, you'll start receiving webhooks at that URL. Don't forget to change it over to the final, deployed webhook URL once development and testing are complete.
What can you do with this information?
Once a webhook is configured, it is up to you how to handle the information it receives. You can use this information to react to events in real-time, feature flip parts of your application, or even use it as a way to write data to a database. There are countless capabilities your webhook can have depending on what kind of information the API provider sends.
While we built a basic implementation in this article, it is worth mentioning that many services offer ways to validate that a request is coming from the actual source. This can be done by limiting the URLs that access your application, or by matching a secret key. GitHub, for example, allows you to set a secret that will be sent with each webhook.
Explore the documentation for the services you use to see how best to work within their setup. If you like the idea of using webhooks to react to monitoring changes with your third-party API providers,Ā check out what we're building at Bearer.sh.
