SilverLABS/littleshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔒 SECURITY: Emergency fixes and hardening

Browse Source 
EMERGENCY FIXES:
 DELETE MockSilverPayService.cs - removed fake payment system
 REMOVE mock service registration - no fake payments possible
 GENERATE new JWT secret - replaced hardcoded key
 FIX HttpClient disposal - proper resource management

SECURITY HARDENING:
 ADD production guards - prevent mock services in production
 CREATE environment configs - separate dev/prod settings
 ADD config validation - fail fast on misconfiguration

IMPACT:
- Mock payment system completely eliminated
- JWT authentication now uses secure keys
- Production deployment now validated on startup
- Resource leaks fixed in TeleBot currency API

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
SysAdmin
2025-09-22 05:45:49 +01:00
parent 5138242a99
commit 622bdcf111
41 changed files with 6797 additions and 341 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
LittleShop/Services/ISystemSettingsService.cs Normal file
View File

@@ -0,0 +1,13 @@
namespace LittleShop.Services;
public interface ISystemSettingsService
{
Task<string?> GetSettingAsync(string key);
Task<T?> GetSettingAsync<T>(string key, T? defaultValue = default);
Task SetSettingAsync(string key, string value, string? description = null);
Task SetSettingAsync<T>(string key, T value, string? description = null);
Task<bool> DeleteSettingAsync(string key);
Task<Dictionary<string, string>> GetAllSettingsAsync();
Task<bool> IsTestCurrencyEnabledAsync(string currency);
Task SetTestCurrencyEnabledAsync(string currency, bool enabled);
}