Hamza/intaleq_v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Security:5 Fix HMAC handshake, generate API keys in Google Login, and relax JWT issuer

Browse Source
This commit is contained in:
Hamza-Ayed
2026-04-24 16:55:56 +03:00
parent c536500c15
commit ff5a7bdc0e
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Controllers/OtpController.php
View File

@@ -108,8 +108,10 @@ class OtpController extends Controller
// TODO: Send SMS/WhatsApp via external provider // TODO: Send SMS/WhatsApp via external provider
// Check if passenger exists to allow immediate login (V1 style) // Check if passenger exists to allow immediate login (V1 style)
// Note: Phone is stored ENCRYPTED in passengers table in V1
$encPhone = $this->encryption->encrypt($phone);
$passenger = DB::connection('primary')->table('passengers') $passenger = DB::connection('primary')->table('passengers')
->where('phone', $phone) ->where('phone', $encPhone)
->first(); ->first();
return $this->success([ return $this->success([