Update: 2026-05-15 04:16:32

2026-05-15 04:16:32 +03:00
parent 5b34f3ae07
commit fefe913ab7
7 changed files with 99 additions and 0 deletions
--- a/app/build.gradle.kts
+++ b/app/build.gradle.kts
@@ -17,6 +17,32 @@ android {
        testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
    }

+    val localProperties = java.util.Properties()
+    val localPropertiesFile = rootProject.file("local.properties")
+    if (localPropertiesFile.exists()) {
+        localProperties.load(java.io.FileInputStream(localPropertiesFile))
+    }
+    val apiKey = localProperties.getProperty("API_KEY", "\"\"")
+
+    defaultConfig {
+        buildConfigField("String", "API_KEY", apiKey)
+    }
+
+    val keystorePropertiesFile = rootProject.file("app/key.properties")
+    val keystoreProperties = java.util.Properties()
+    if (keystorePropertiesFile.exists()) {
+        keystoreProperties.load(java.io.FileInputStream(keystorePropertiesFile))
+    }
+
+    signingConfigs {
+        create("release") {
+            keyAlias = keystoreProperties["keyAlias"] as String?
+            keyPassword = keystoreProperties["keyPassword"] as String?
+            storeFile = keystoreProperties["storeFile"]?.let { file(it) }
+            storePassword = keystoreProperties["storePassword"] as String?
+        }
+    }
+
    buildTypes {
        release {
            isMinifyEnabled = true
@@ -25,6 +51,7 @@ android {
                getDefaultProguardFile("proguard-android-optimize.txt"),
                "proguard-rules.pro"
            )
+            signingConfig = signingConfigs.getByName("release")
        }
        debug {
            isMinifyEnabled = false
--- a/app/key.properties
+++ b/app/key.properties
@@ -0,0 +1,4 @@
+storePassword=21010333
+keyPassword=21010333
+keyAlias=sportnewskey
+storeFile=/Users/hamzaaleghwairyeen/development/upload-keystore
--- a/app/src/main/java/com/jordanbot/autoride/MainActivity.kt
+++ b/app/src/main/java/com/jordanbot/autoride/MainActivity.kt
@@ -20,6 +20,8 @@ import androidx.core.app.NotificationManagerCompat
 import androidx.core.content.ContextCompat
 import com.jordanbot.autoride.service.BotForegroundService
 import com.jordanbot.autoride.service.OverlayService
+import com.jordanbot.autoride.api.ApiClient
+import com.jordanbot.autoride.utils.DeviceUtils

 import androidx.lifecycle.lifecycleScope
 import kotlinx.coroutines.launch
@@ -51,6 +53,9 @@ class MainActivity : AppCompatActivity() {
        // Load Settings
        FilterEngine.init(this)

+        // Set App Signature for API Security
+        ApiClient.appSignature = DeviceUtils.getAppSignatureSHA256(this)
+
        // Load cached subscription data
        SubscriptionManager.loadLocalCache(this)

--- a/app/src/main/java/com/jordanbot/autoride/api/BackendApi.kt
+++ b/app/src/main/java/com/jordanbot/autoride/api/BackendApi.kt
@@ -4,6 +4,8 @@ import retrofit2.Retrofit
 import retrofit2.converter.gson.GsonConverterFactory
 import retrofit2.http.Body
 import retrofit2.http.POST
+import okhttp3.Interceptor
+import okhttp3.OkHttpClient

 // Data models for the API
 data class RideLogRequest(
@@ -78,10 +80,23 @@ interface BackendApiService {
 object ApiClient {
    // Replace with your actual server URL
    private const val BASE_URL = "https://lawer.tripz-egypt.com/jordan_bot/backend/"
+    private val API_KEY = com.jordanbot.autoride.BuildConfig.API_KEY
+    var appSignature: String = ""
+
+    private val httpClient = OkHttpClient.Builder().apply {
+        addInterceptor(Interceptor { chain ->
+            val request = chain.request().newBuilder()
+                .addHeader("X-API-Key", API_KEY)
+                .addHeader("X-App-Signature", appSignature)
+                .build()
+            chain.proceed(request)
+        })
+    }.build()

    val service: BackendApiService by lazy {
        Retrofit.Builder()
            .baseUrl(BASE_URL)
+            .client(httpClient)
            .addConverterFactory(GsonConverterFactory.create())
            .build()
            .create(BackendApiService::class.java)
--- a/app/src/main/java/com/jordanbot/autoride/utils/DeviceUtils.kt
+++ b/app/src/main/java/com/jordanbot/autoride/utils/DeviceUtils.kt
@@ -3,6 +3,9 @@ package com.jordanbot.autoride.utils
 import android.content.Context
 import android.provider.Settings

+import android.content.pm.PackageManager
+import java.security.MessageDigest
+
 object DeviceUtils {
    /**
     * Returns a unique fingerprint for the device based on Android ID.
@@ -10,4 +13,25 @@ object DeviceUtils {
    fun getDeviceFingerprint(context: Context): String {
        return Settings.Secure.getString(context.contentResolver, Settings.Secure.ANDROID_ID) ?: "UNKNOWN_DEVICE"
    }
+
+    /**
+     * Returns the SHA-256 signature of the installed app.
+     */
+    fun getAppSignatureSHA256(context: Context): String {
+        try {
+            val packageInfo = context.packageManager.getPackageInfo(
+                context.packageName,
+                PackageManager.GET_SIGNATURES
+            )
+            for (signature in packageInfo.signatures) {
+                val md = MessageDigest.getInstance("SHA-256")
+                md.update(signature.toByteArray())
+                val digest = md.digest()
+                return digest.joinToString("") { "%02x".format(it) }
+            }
+        } catch (e: Exception) {
+            e.printStackTrace()
+        }
+        return ""
+    }
 }