tenantId; $db = Database::getInstance(); $stmt = $db->prepare("SELECT id, public_key, name, is_active, created_at FROM api_keys WHERE tenant_id = ? AND is_active = 1"); $stmt->execute([$tenantId]); $keys = $stmt->fetchAll(); Response::json(['success' => true, 'data' => $keys]); } public function create(Request $request): void { $tenantId = $request->tenantId; $data = $request->getBody(); $name = $data['name'] ?? 'Default Key'; $publicKey = bin2hex(random_bytes(16)); // 32 chars $secret = bin2hex(random_bytes(32)); // 64 chars $db = Database::getInstance(); $stmt = $db->prepare("INSERT INTO api_keys (id, tenant_id, name, public_key, secret_hash, is_active, created_at) VALUES (?, ?, ?, ?, ?, 1, NOW())"); $id = \Ramsey\Uuid\Uuid::uuid4()->toString(); $stmt->execute([ $id, $tenantId, $name, $publicKey, password_hash($secret, PASSWORD_BCRYPT) ]); Response::json([ 'success' => true, 'message' => 'تم إنشاء مفتاح API بنجاح. يرجى حفظ السر (Secret) الآن لأنه لن يظهر مرة أخرى.', 'data' => [ 'id' => $id, 'public_key' => $publicKey, 'secret' => $secret ] ], 201); } public function revoke(Request $request, string $id): void { $tenantId = $request->tenantId; $db = Database::getInstance(); $stmt = $db->prepare("UPDATE api_keys SET is_active = 0 WHERE id = ? AND tenant_id = ?"); $stmt->execute([$id, $tenantId]); Response::json(['success' => true, 'message' => 'تم إيقاف مفتاح API بنجاح']); } }