From 436fc2efa857ef9365515b060bd29ce3e9021ca8 Mon Sep 17 00:00:00 2001
From: Hamza-Ayed <hamzaayedflutter@gmail.com>
Date: Sat, 23 May 2026 16:46:06 +0300
Subject: [PATCH] =?UTF-8?q?=D8=AA=D8=AD=D8=AF=D9=8A=D8=AB=20=D8=A7=D9=84?=
 =?UTF-8?q?=D8=A5=D8=B9=D8=AF=D8=A7=D8=AF=D8=A7=D8=AA=20=D9=84=D8=AA=D8=B9?=
 =?UTF-8?q?=D9=85=D9=84=20=D8=AD=D8=B5=D8=B1=D9=8A=D8=A7=D9=8B=20=D8=B9?=
 =?UTF-8?q?=D8=A8=D8=B1=20getenv=20=D8=A8=D8=AF=D9=88=D9=86=20=D9=82=D9=8A?=
 =?UTF-8?q?=D9=85=20=D8=A7=D9=81=D8=AA=D8=B1=D8=A7=D8=B6=D9=8A=D8=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/config.php | 43 +++++++++++++++++++++++++++++--------------
 1 file changed, 29 insertions(+), 14 deletions(-)

diff --git a/backend/config.php b/backend/config.php
index 813aca7..125d83c 100644
--- a/backend/config.php
+++ b/backend/config.php
@@ -4,21 +4,36 @@
  * Domain: otp.intaleqapp.com
  */
 
+// Load Dotenv if composer dependencies are installed
+if (file_exists(__DIR__ . '/vendor/autoload.php')) {
+    require_once __DIR__ . '/vendor/autoload.php';
+    
+    // Check inside current dir, parent dir, or grandparent dir
+    $envPaths = [__DIR__, dirname(__DIR__), dirname(dirname(__DIR__))];
+    foreach ($envPaths as $path) {
+        if (file_exists($path . '/.env')) {
+            $dotenv = Dotenv\Dotenv::createImmutable($path);
+            $dotenv->safeLoad();
+            break;
+        }
+    }
+}
+
 // Database
-define('DB_HOST', 'localhost');
-define('DB_NAME', 'otp_db');
-define('DB_USER', 'otp_user');
-define('DB_PASS', 'STRONG_PASSWORD');
+define('DB_HOST', getenv('DB_HOST'));
+define('DB_NAME', getenv('DB_NAME'));
+define('DB_USER', getenv('DB_USER'));
+define('DB_PASS', getenv('DB_PASS'));
 
 // Redis
-define('REDIS_HOST', '127.0.0.1');
-define('REDIS_PORT', 6379);
-define('REDIS_PASSWORD', null); // Set if Redis requires auth
-define('REDIS_DB', 1); // Isolated DB for OTP system
+define('REDIS_HOST', getenv('REDIS_HOST'));
+define('REDIS_PORT', getenv('REDIS_PORT'));
+define('REDIS_PASSWORD', getenv('REDIS_PASSWORD') ?: null);
+define('REDIS_DB', getenv('REDIS_DB'));
 
 // Application Keys
-define('APP_KEY', 'f3a9e7c1b8d5f2a4c6e9b1d3f5a7c9e1b3d5f7a9c1e3b5d7f9a1c3e5b7d9f1');
-define('DEVICE_KEY', 'er4er4');
+define('APP_KEY', getenv('APP_KEY'));
+define('DEVICE_KEY', getenv('DEVICE_KEY'));
 
 // SMS Sender ID (for iOS SMS delivery)
 define('SMS_SENDER_ID', 'انطلق');
@@ -33,16 +48,16 @@ define('RATE_LIMIT_MAX', 3);         // Max OTP requests per phone per window
 
 // Caller ID Configuration
 // Format: +96279XX{OTP} — XX = random 2 digits
-define('CALLER_ID_PREFIX', '+96279');
+define('CALLER_ID_PREFIX', '+9639');
 
 // Logging
 define('LOG_REQUESTS', true);
 define('LOG_FILE', __DIR__ . '/logs/api.log');
 
 // WhatsApp Gateway Configuration
-define('WHATSAPP_GATEWAY_URL', getenv('WHATSAPP_GATEWAY_URL') ?: 'http://localhost:3732');
-define('WHATSAPP_WEBHOOK_SECRET', getenv('WHATSAPP_WEBHOOK_SECRET') ?: 'flash_call_otp_webhook_secret_key');
-define('WHATSAPP_SESSION_KEY', getenv('WHATSAPP_SESSION_KEY') ?: 'flash_call_otp');
+define('WHATSAPP_GATEWAY_URL', getenv('WHATSAPP_GATEWAY_URL'));
+define('WHATSAPP_WEBHOOK_SECRET', getenv('WHATSAPP_WEBHOOK_SECRET'));
+define('WHATSAPP_SESSION_KEY', getenv('WHATSAPP_SESSION_KEY'));
 
 // Timezone
 date_default_timezone_set('Asia/Amman');