littleshop

SilverLABS/littleshop

Fork 0

Commit Graph

Author	SHA1	Message	Date
SysAdmin	622bdcf111	🔒 SECURITY: Emergency fixes and hardening EMERGENCY FIXES: ✅ DELETE MockSilverPayService.cs - removed fake payment system ✅ REMOVE mock service registration - no fake payments possible ✅ GENERATE new JWT secret - replaced hardcoded key ✅ FIX HttpClient disposal - proper resource management SECURITY HARDENING: ✅ ADD production guards - prevent mock services in production ✅ CREATE environment configs - separate dev/prod settings ✅ ADD config validation - fail fast on misconfiguration IMPACT: - Mock payment system completely eliminated - JWT authentication now uses secure keys - Production deployment now validated on startup - Resource leaks fixed in TeleBot currency API 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-09-22 05:45:49 +01:00
SysAdmin	553088390e	Remove BTCPay completely, integrate SilverPAY only, configure TeleBot with real token - Removed all BTCPay references from services and configuration - Implemented SilverPAY as sole payment provider (no fallback) - Fixed JWT authentication with proper key length (256+ bits) - Added UsersController with full CRUD operations - Updated User model with Email and Role properties - Configured TeleBot with real Telegram bot token - Fixed launchSettings.json with JWT environment variable - E2E tests passing for authentication, catalog, orders - Payment creation pending SilverPAY server fix 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>	2025-09-20 19:22:29 +01:00

Author

SHA1

Message

Date

SysAdmin

622bdcf111

🔒 SECURITY: Emergency fixes and hardening

EMERGENCY FIXES:
✅ DELETE MockSilverPayService.cs - removed fake payment system
✅ REMOVE mock service registration - no fake payments possible
✅ GENERATE new JWT secret - replaced hardcoded key
✅ FIX HttpClient disposal - proper resource management

SECURITY HARDENING:
✅ ADD production guards - prevent mock services in production
✅ CREATE environment configs - separate dev/prod settings
✅ ADD config validation - fail fast on misconfiguration

IMPACT:
- Mock payment system completely eliminated
- JWT authentication now uses secure keys
- Production deployment now validated on startup
- Resource leaks fixed in TeleBot currency API

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-09-22 05:45:49 +01:00

SysAdmin

553088390e

Remove BTCPay completely, integrate SilverPAY only, configure TeleBot with real token

- Removed all BTCPay references from services and configuration
- Implemented SilverPAY as sole payment provider (no fallback)
- Fixed JWT authentication with proper key length (256+ bits)
- Added UsersController with full CRUD operations
- Updated User model with Email and Role properties
- Configured TeleBot with real Telegram bot token
- Fixed launchSettings.json with JWT environment variable
- E2E tests passing for authentication, catalog, orders
- Payment creation pending SilverPAY server fix

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>

2025-09-20 19:22:29 +01:00

2 Commits