Node.js / Next.js

Send an order from a backend route

// Next.js App Router — app/api/orders/route.ts
export async function POST(req: Request) {
  const order = await req.json();
  // 1. Save in your DB FIRST (do not block on OrderGer)

  // 2. Fire-and-forget to OrderGer
  fetch('https://orderger-api.hamidalqwaysim.workers.dev/api/v1/orders', {
    method: 'POST',
    headers: {
      'authorization': `Bearer ${process.env.ORDERGER_API_KEY}`,
      'x-orderger-branch-id': process.env.ORDERGER_BRANCH_ID!,
      'content-type': 'application/json',
    },
    body: JSON.stringify(toOrderGer(order)),
  }).catch(e => console.error('OrderGer send failed', e));

  return Response.json({ ok: true });
}

Webhook receiver with signature verification

import crypto from 'node:crypto';

export async function POST(req: Request) {
  const body = await req.text();
  const sig  = req.headers.get('x-orderger-signature') || '';
  const expected = 'sha256=' + crypto.createHmac('sha256', process.env.ORDERGER_WEBHOOK_SECRET!).update(body).digest('hex');
  if (sig !== expected) return new Response('bad signature', { status: 401 });

  const evt = JSON.parse(body);
  // Update your order in DB based on evt.event and evt.status
  return Response.json({ ok: true });
}

Never expose ORDERGER_API_KEY to the browser. Always read from process.env on the server.