Hamza/jordan_bot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-15 15:39:58

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-15 15:39:58 +03:00
parent 0d9709d292
commit 62e74d205d
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
backend/config/db.php
View File

@@ -40,17 +40,20 @@ if (!$envLoaded) {
}
// Security: API Key Validation
$expectedApiKey = $_ENV['API_KEY'] ?? 'JORDAN_BOT_SECRET_2026'; // Fallback if not in .env
$expectedApiKey = $_ENV['API_KEY'] ?? 'JORDAN_BOT_SECRET_2026';
$headers = getallheaders();
$providedKey = $headers['X-API-Key'] ?? ($headers['x-api-key'] ?? null);
// Debug Logging
error_log("JordanBot API Check: Provided Key: [$providedKey], Expected Key (from ENV): [" . ($_ENV['API_KEY'] ?? 'NULL') . "], Fallback: [JORDAN_BOT_SECRET_2026]");
if ($providedKey !== $expectedApiKey) {
http_response_code(401);
echo json_encode(['success' => false, 'message' => 'Unauthorized: Invalid or missing API Key']);
exit;
}
// Extra Security: App Signature Fingerprint Validation (Optional)
// Extra Security: App Signature Fingerprint Validation (Temporarily Disabled for Debugging)
/*
$expectedSignatures = $_ENV['APP_SIGNATURE_SHA256'] ?? null;
if (!empty($expectedSignatures)) {