fix: remove hardcoded credentials from source code
- Move PayPal live/sandbox API keys to env variables - Move hardcoded API token in isAuthorized middleware to env variable - Add api_token key to config/app.php - Update .env.example with new required env vars - Fix isAuthorized response code from 503 to 401
This commit is contained in:
Frank John Begornia
@@ -11,6 +11,13 @@ CACHE_DRIVER=file
|
||||
SESSION_DRIVER=file
|
||||
QUEUE_DRIVER=sync
|
||||
|
||||
PAYPAL_SANDBOX_CLIENT_ID=
|
||||
PAYPAL_SANDBOX_SECRET=
|
||||
PAYPAL_LIVE_CLIENT_ID=
|
||||
PAYPAL_LIVE_SECRET=
|
||||
|
||||
API_TOKEN=
|
||||
|
||||
MAIL_DRIVER=smtp
|
||||
MAIL_HOST=mailtrap.io
|
||||
MAIL_PORT=2525
|
||||
|
||||
Reference in New Issue
Block a user