Enhance security: Rotate VAPID keys, encrypt LLM API keys, and use env vars

Gemini Agent
2026-01-25 05:13:18 +00:00
parent 3ca83f304f
commit ca0569ab0d
5 changed files with 101 additions and 7 deletions


@@ -2,6 +2,7 @@ import { NextRequest, NextResponse } from "next/server";
import { db, schema } from "@/lib/db";
import { getSession } from "@/lib/auth";
import { eq } from "drizzle-orm";
import { encrypt } from "@/lib/crypto";
// GET /api/settings - Get current user settings
export async function GET() {
@@ -70,7 +71,8 @@ export async function PATCH(request: NextRequest) {
}
if (typeof body.llmApiKey === "string") {
updates.llmApiKey = body.llmApiKey || null;
// Encrypt the API key before storing
updates.llmApiKey = body.llmApiKey ? encrypt(body.llmApiKey) : null;
}
if (typeof body.llmModel === "string") {
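Review bot: Rows written before this commit presumably still hold plaintext `llmApiKey` values, and nothing visible in this hunk migrates them or lets a reader tell ciphertext from legacy plaintext once `updates.llmApiKey = body.llmApiKey ? encrypt(body.llmApiKey) : null;` becomes the only write path. Every consumer of the column now has to decrypt, and the GET handler in this file should be checked so that it returns neither the ciphertext nor the decrypted key to the client (a masked or boolean "key is set" value is enough for a settings page). It is also worth confirming that `encrypt` from `@/lib/crypto` throws when its key material is missing from the environment instead of storing the value unprotected, and that the PATCH handler turns that failure into an error response without logging the key. A comment on the assignment would record the contract, e.g. `// Stored as ciphertext (see @/lib/crypto); rows written before this change may still be plaintext until migrated`. The PATCH handler body starts and ends outside the hunk, so the error handling around this line is not visible here.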