Clarify API secret error

2024-11-08 20:22:42 +01:00 · 2016-09-20 09:03:07 +03:00 · 2016-09-20 09:03:07 +03:00 · 092f842592
commit 092f842592
parent 2b83aa45f9
1 changed files with 2 additions and 1 deletions
--- a/app/Http/Middleware/ApiCheck.php
+++ b/app/Http/Middleware/ApiCheck.php
@ -25,6 +25,7 @@ class ApiCheck {
    {
        $loggingIn = $request->is('api/v1/login') || $request->is('api/v1/register');
        $headers = Utils::getApiHeaders();
+        $hasApiSecret = false;

        if ($secret = env(API_SECRET)) {
            $hasApiSecret = hash_equals($request->api_secret ?: '', $secret);
@ -34,7 +35,7 @@ class ApiCheck {
            // check API secret
            if ( ! $hasApiSecret) {
                sleep(ERROR_DELAY);
-                return Response::json('Invalid secret', 403, $headers);
+                return Response::json('Invalid value for API_SECRET', 403, $headers);
            }
        } else {
            // check for a valid token