EMERGENCY FIXES:
✅ DELETE MockSilverPayService.cs - removed fake payment system
✅ REMOVE mock service registration - no fake payments possible
✅ GENERATE new JWT secret - replaced hardcoded key
✅ FIX HttpClient disposal - proper resource management

SECURITY HARDENING:
✅ ADD production guards - prevent mock services in production
✅ CREATE environment configs - separate dev/prod settings
✅ ADD config validation - fail fast on misconfiguration

IMPACT:
- Mock payment system completely eliminated
- JWT authentication now uses secure keys
- Production deployment now validated on startup
- Resource leaks fixed in TeleBot currency API

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
43 lines
1.1 KiB
JSON
{
"ConnectionStrings": {
"DefaultConnection": "Data Source=littleshop-dev.db"
},
"Jwt": {
"Key": "DEV_8aiNFkRrOao7/vleviWM8EP5800dMOh2hlaKGJoQOQvaxxOVHM3eLAb3+5KN8EcjKZKREHttGKUfvtQrV3ZM4A==",
"Issuer": "LittleShop-Dev",
"Audience": "LittleShop-Dev",
"ExpiryInHours": 2
},
"SilverPay": {
"BaseUrl": "http://localhost:8001",
"ApiKey": "sp_test_key_development",
"WebhookSecret": "webhook_secret_dev",
"DefaultWebhookUrl": "http://localhost:5000/api/orders/payments/webhook",
"AllowUnsignedWebhooks": true
},
"Logging": {
"LogLevel": {
"Default": "Debug",
"Microsoft.AspNetCore": "Information",
"LittleShop": "Debug"
}
},
"Security": {
"AllowInsecureSSL": true,
"EnableDetailedErrors": true
},
"CORS": {
"AllowedOrigins": [
"http://localhost:3000",
"http://localhost:5173",
"http://localhost:5000",
"http://localhost:5001",
"https://localhost:5001",
"http://localhost:8080"
]
},
"TeleBot": {
"ApiUrl": "http://localhost:8080",
"ApiKey": "development-key-replace-in-production"
}
}