From 7f1fe1347a57557a57751640606665381bffc9a5 Mon Sep 17 00:00:00 2001 From: Will Anderson Date: Sat, 2 May 2026 12:17:13 -0500 Subject: [PATCH] add docuseal webhook receiver with event log + completion notification POST /api/docuseal/webhook/ validates the path token against DOCUSEAL_WEBHOOK_TOKEN, persists every event to docuseal_events with the full payload as jsonb, and emails Will via Resend on form.completed or form.declined. Token rotates via Secret Manager. --- migrations/20260502115444_docuseal_events.sql | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 migrations/20260502115444_docuseal_events.sql diff --git a/migrations/20260502115444_docuseal_events.sql b/migrations/20260502115444_docuseal_events.sql new file mode 100644 index 0000000..365b6f7 --- /dev/null +++ b/migrations/20260502115444_docuseal_events.sql @@ -0,0 +1,29 @@ +-- DocuSeal webhook event log. +-- +-- Append-only audit trail of every event delivered by DocuSeal to +-- /api/docuseal/webhook/. The full webhook body is preserved as +-- jsonb in `payload` so we never lose information; the extracted columns +-- are for fast lookup and downstream notification logic. +-- +-- RLS is on with no policies; only the service-role key (used by the +-- webhook receiver in main.el) can read or write. + +create table if not exists public.docuseal_events ( + id bigserial primary key, + event_type text not null, + received_at timestamptz not null default now(), + event_timestamp timestamptz, + submission_id bigint, + signer_email text, + signer_name text, + payload jsonb not null, + ua text, + ip text +); + +create index if not exists docuseal_events_submission_id_idx on public.docuseal_events (submission_id); +create index if not exists docuseal_events_email_idx on public.docuseal_events (signer_email); +create index if not exists docuseal_events_event_type_idx on public.docuseal_events (event_type); +create index if not exists docuseal_events_received_at_idx on public.docuseal_events (received_at desc); + +alter table public.docuseal_events enable row level security;