BassPago/leeds_backend
2
0
Fork 1
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: BassPago:44adffb713babfca59d9d15b61b4bc8705b16c8e
Branches Tags
BassPago:master
..
compare: BassPago:0164a0a03568ec8dbcc86de15e71c4b05564a5e5
Branches Tags
BassPago:master

No commits in common. "44adffb713babfca59d9d15b61b4bc8705b16c8e" and "0164a0a03568ec8dbcc86de15e71c4b05564a5e5" have entirely different histories.
44adffb713 ... 0164a0a035

20 changed files with 420 additions and 367 deletions
Show Stats Expand all files Collapse all files

167
bin/support-cli
View File

@ -5,10 +5,10 @@ const Database = require("better-sqlite3");
const path = require("path");
const crypto = require("crypto");
const DB_PATH = path.resolve(__dirname, "../data/data.db");
function callDb(fn) {
const db = new Database(DB_PATH, { fileMustExist: true });
const db = new Database(path.resolve(__dirname, "../data/auth.db"), {
fileMustExist: true,
});
try {
fn(db);
} finally {
@ -20,119 +20,117 @@ function gen(bytes) {
return crypto.randomBytes(bytes).toString("hex");
}
/**
* adduser <user_name> <source>
*/
function addUser(args) {
const [userName, source] = args;
if (!userName || !source) {
console.error("usage: adduser <user_name> <source>");
process.exit(1);
}
const [username, email, status, displayName] = args;
callDb((db) => {
const res = db
.prepare(
`
INSERT INTO users (
user_name,
user_source,
user_status,
user_created_at
)
VALUES (?, ?, 1, ?)
INSERT INTO users (username, email, status, display_name)
VALUES (?, ?, ?, ?)
`,
)
.run(userName, source, Date.now());
.run(username, email, status, displayName);
console.log("user_id:", res.lastInsertRowid);
});
}
/**
* genkey <user_name>
*/
function genKey(args) {
const [userName] = args;
callDb((db) => {
const user = db
.prepare(`SELECT user_id FROM users WHERE user_name = ?`)
.get(userName);
if (!user) {
console.error("user not found");
process.exit(1);
}
const apiKey = gen(24); // 48 hex chars
const apiSecret = gen(48); // 96 hex chars
db.prepare(
`
UPDATE users
SET user_api_key = ?, user_api_secret = ?
WHERE user_id = ?
`,
).run(apiKey, apiSecret, user.user_id);
console.log("api_key:", apiKey);
console.log("api_secret:", apiSecret);
});
}
/**
* disable <user_name>
*/
function disableUser(args) {
const [userName] = args;
function disUser(args) {
const [username] = args;
callDb((db) => {
db.prepare(
`
UPDATE users SET user_status = 0
WHERE user_name = ?
UPDATE users SET status = 'disabled'
WHERE username = ?
`,
).run(userName);
).run(username);
console.log("user disabled:", userName);
console.log("user disabled:", username);
});
}
/**
* list <user_name>
*/
function listUser(args) {
const [userName] = args;
const [username] = args;
callDb((db) => {
const user = db
.prepare(
`
SELECT
user_id,
user_name,
user_source,
user_status,
user_api_key,
user_created_at
SELECT user_id, username, email, status, display_name, created_at
FROM users
WHERE user_name = ?
WHERE username = ?
`,
)
.get(userName);
.get(username);
if (!user) {
console.log("user not found");
return;
}
console.log("USER");
console.log(user);
const keys = db
.prepare(
`
SELECT api_key, status, created_at, last_used_at
FROM api_keys
WHERE user_id = ?
`,
)
.all(user.user_id);
if (keys.length) {
console.log("\nAPI_KEYS");
keys.forEach((k) => console.log(k));
}
});
}
/* ======================== */
function addKey(args) {
const [username] = args;
callDb((db) => {
const user = db
.prepare(
`
SELECT user_id FROM users WHERE username = ?
`,
)
.get(username);
const apiKey = gen(24);
const apiSecret = gen(48);
db.prepare(
`
INSERT INTO api_keys (user_id, api_key, api_secret, status)
VALUES (?, ?, ?, 'active')
`,
).run(user.user_id, apiKey, apiSecret);
console.log("api_key:", apiKey);
console.log("api_secret:", apiSecret);
});
}
function disKey(args) {
const [apiKey] = args;
callDb((db) => {
db.prepare(
`
UPDATE api_keys SET status = 'revoked'
WHERE api_key = ?
`,
).run(apiKey);
console.log("api_key revoked");
});
}
const argv = process.argv.slice(2);
const cmd = argv[0];
@ -143,20 +141,23 @@ switch (cmd) {
addUser(args);
break;
case "genkey":
genKey(args);
case "disuser":
disUser(args);
break;
case "disable":
disableUser(args);
break;
case "list":
case "listuser":
listUser(args);
break;
case "addkey":
addKey(args);
break;
case "diskey":
disKey(args);
break;
default:
console.error("Unknown command");
console.error("Commands: adduser | genkey | disable | list");
process.exit(1);
}

6
public/index.php
View File

@ -4,9 +4,9 @@ declare(strict_types=1);
require __DIR__ . '/../vendor/autoload.php';
use FrameworkX\App;
use Bass\Webclient\Middleware\HmacAuthMiddleware;
use Bass\Webclient\Auth\Middleware\HmacAuthMiddleware;
use Bass\Webclient\Controllers\RequestController;
use Bass\Webclient\Libs\ResponseLib;
use Bass\Webclient\Http\ResponseLib;
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
@ -16,12 +16,14 @@ $app = new App();
$hmacAuth = new HmacAuthMiddleware();
$app->post(
'/v1/request',
$hmacAuth,
RequestController::class
);
$app->get(
'/health',
fn() => ResponseLib::sendOk(['status' => 'ok'])

31
readme.md
View File

@ -1,31 +0,0 @@
├── bin
│   ├── email-cli
│   └── support-cli
├── data
│   └── data.db
├── logs
├── public
│   └── index.php
├── readme.md
├── src
│   ├── Middleware
│   ├ |── HmacAuthMiddleware.php
│   │   └── RateLImitMiddleware.php
│   ├── Controllers
│   │   └── RequestController.php
│   ├── Model
│   │   └── ModelFactory.php
│   │   └── LeadModel.php
│   ├── Libs
│   │   └── ResponseLib.php
│   │   ├── ExecLib.php
│   │   ├── GuardLib.php
│   │   ├── RequestLib.php
│   │   └── SanitizationLib.php
│   ├── migration
│   │   └── schema.sql
│   └── Schema
│   └── LeadSchema.php
└── test
├── hmac_curl.sh
└── request.sh

22
src/Auth/Infra/AuthModelFactory.php Normal file
View File

@ -0,0 +1,22 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Auth\Infra;
use PDO;
class AuthModelFactory
{
private static ?PDO $db = null;
public static function db(): PDO
{
if (self::$db === null) {
self::$db = new PDO('sqlite:' . __DIR__ . '/../../../data/auth.db');
self::$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
self::$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
self::$db->exec('PRAGMA foreign_keys = ON;');
}
return self::$db;
}
}

11
src/Middleware/HmacAuthMiddleware.php → src/Auth/Middleware/HmacAuthMiddleware.php
View File

@ -1,10 +1,10 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Middleware;
namespace Bass\Webclient\Auth\Middleware;
use Bass\Webclient\Libs\ResponseLib;
use Bass\Webclient\Model\ApiKeyModel;
use Bass\Webclient\Http\ResponseLib;
use Bass\Webclient\Auth\Models\ApiKeyModel;
use Psr\Http\Message\ServerRequestInterface;
use React\Http\Message\Response;
@ -29,7 +29,7 @@ class HmacAuthMiddleware
);
}
// 🔒 API key format (fail fast)
// 🔒 FORMATO DA API KEY (fail fast)
if (!preg_match(self::API_KEY_REGEX, $apiKey)) {
return ResponseLib::sendFail(
'Invalid API key format',
@ -38,7 +38,6 @@ class HmacAuthMiddleware
);
}
// ⏱ replay protection (5 min window)
if (abs(time() - (int) $timestamp) > 300) {
return ResponseLib::sendFail(
'Expired request',
@ -67,6 +66,8 @@ class HmacAuthMiddleware
);
}
(new ApiKeyModel())->touchLastUsed($apiKey);
return $next(
$request->withAttribute('auth', [
'user_id' => $result['user_id'],

92
src/Auth/Middleware/RateLImitMiddleware.php Normal file
View File

@ -0,0 +1,92 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Auth\Middleware;
use Psr\Http\Message\ServerRequestInterface;
use React\Http\Message\Response;
use Bass\Webclient\Http\ResponseLib;
class RateLimitMiddleware
{
private int $maxRequests;
private int $windowSeconds;
private const API_KEY_REGEX = '/^[a-f0-9]{48}$/';
public function __construct(int $maxRequests = 30, int $windowSeconds = 60)
{
$this->maxRequests = $maxRequests;
$this->windowSeconds = $windowSeconds;
}
public function __invoke(ServerRequestInterface $request, callable $next): Response
{
$apiKey = $request->getHeaderLine('X-API-KEY');
if (!$apiKey) {
return ResponseLib::sendFail(
'Missing API key',
401,
['code' => 'MISSING_API_KEY']
);
}
// 🔒 FORMATO INVÁLIDO → DROP IMEDIATO
if (!preg_match(self::API_KEY_REGEX, $apiKey)) {
return ResponseLib::sendFail(
'Invalid API key format',
401,
['code' => 'INVALID_API_KEY_FORMAT']
);
}
// 🔒 rate-limit SOMENTE para chave válida
if (!$this->allowRequest($apiKey)) {
return ResponseLib::sendFail(
'Rate limit exceeded',
429,
[
'code' => 'RATE_LIMIT_EXCEEDED',
'retry_after' => $this->windowSeconds
]
);
}
return $next($request);
}
/**
* Controle de rate-limit por filesystem
*/
private function allowRequest(string $key): bool
{
$now = time();
$file = sys_get_temp_dir() . '/rl_' . sha1($key);
$data = [
'count' => 0,
'reset' => $now + $this->windowSeconds
];
if (file_exists($file)) {
$stored = json_decode(file_get_contents($file), true);
if (is_array($stored)) {
$data = $stored;
}
}
if ($now > $data['reset']) {
$data = [
'count' => 0,
'reset' => $now + $this->windowSeconds
];
}
$data['count']++;
file_put_contents($file, json_encode($data), LOCK_EX);
return $data['count'] <= $this->maxRequests;
}
}

65
src/Auth/Models/ApiKeyModel.php Normal file
View File

@ -0,0 +1,65 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Auth\Models;
use Bass\Webclient\Auth\Infra\AuthModelFactory;
class ApiKeyModel
{
public function findActiveByKey(string $apiKey): array
{
$sql = "
SELECT
ak.api_key,
ak.api_secret,
ak.status,
u.user_id,
u.username
FROM api_keys ak
JOIN users u ON u.user_id = ak.user_id
WHERE ak.api_key = :api_key
AND ak.status = 'active'
AND u.status = 'active'
LIMIT 1
";
try {
$stmt = AuthModelFactory::db()->prepare($sql);
$stmt->execute(['api_key' => $apiKey]);
$row = $stmt->fetch();
if (!$row) {
return [
false,
[
'code' => 'API_KEY_NOT_FOUND',
'message' => 'Invalid API key'
]
];
}
return [true, $row];
} catch (\Throwable $e) {
return [
false,
[
'code' => 'AUTH_DB_ERROR',
'message' => 'Failed to query auth database'
]
];
}
}
public function touchLastUsed(string $apiKey): void
{
$sql = "UPDATE api_keys SET last_used_at = datetime('now') WHERE api_key = :api_key";
try {
AuthModelFactory::db()
->prepare($sql)
->execute(['api_key' => $apiKey]);
} catch (\Throwable $e) {
// falha aqui NÃO bloqueia request
}
}
}

2
src/Controllers/RequestController.php
View File

@ -4,9 +4,9 @@ declare(strict_types=1);
namespace Bass\Webclient\Controllers;
use Bass\Webclient\Libs\RequestLib;
use Bass\Webclient\Http\ResponseLib;
use Psr\Http\Message\ServerRequestInterface;
use React\Http\Message\Response;
class RequestController
{
public function __invoke(ServerRequestInterface $request): Response

45
src/Domain/Client/ClientModel.php Normal file
View File

@ -0,0 +1,45 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Domain\Client;
use Bass\Webclient\Infra\ModelFactory;
use PDO;
class ClientModel
{
private PDO $db;
public function __construct()
{
$this->db = ModelFactory::db();
}
public function insert(array $data): array
{
$sql = "
INSERT INTO client_request
(name, phone, email, company_name, sector, number_of_employees, revenue, description)
VALUES
(:name, :phone, :email, :company_name, :sector, :number_of_employees, :revenue, :description)
";
try {
$stmt = $this->db->prepare($sql);
$stmt->execute($data);
return [
true,
[
'client_id' => (int) $this->db->lastInsertId()
]
];
} catch (\Throwable $e) {
return [
false,
[
'code' => 'DB_ERROR',
'message' => 'Failed to insert client'
]
];
}
}
}

2
src/Libs/ResponseLib.php → src/Http/ResponseLib.php
View File

@ -1,7 +1,7 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\libs;
namespace Bass\Webclient\Http;
use React\Http\Message\Response;

4
src/Model/ModelFactory.php → src/Infra/ModelFactory.php
View File

@ -1,7 +1,7 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Model;
namespace Bass\Webclient\Infra;
use PDO;
@ -9,7 +9,7 @@ class ModelFactory
{
public static function db(): PDO
{
$db = new PDO('sqlite:' . __DIR__ . '/../../data/data.db');
$db = new PDO('sqlite:' . __DIR__ . '/../../data/app.db');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
$db->exec('PRAGMA foreign_keys = ON;');

58
src/Libs/RequestLib.php
View File

@ -2,9 +2,11 @@
declare(strict_types=1);
namespace Bass\Webclient\Libs;
use Bass\Webclient\Model\LeadModel;
use Bass\Webclient\Schema\LeadSchema;
use Bass\Webclient\Domain\Client\ClientModel;
use React\Http\Message\Response;
use Bass\Webclient\Http\ResponseLib;
use Bass\Webclient\Schema\ClientCreateSchema;
class RequestLib
{
@ -34,54 +36,74 @@ class RequestLib
);
}
$schema = LeadSchema::schema();
$schema = ClientCreateSchema::schema();
[$ok, $err] = GuardLib::requireJsonObject($data);
if (!$ok) {
return ResponseLib::sendFail($err['message'], 400, $err);
return ResponseLib::sendFail(
$err['message'],
400,
$err
);
}
[$ok, $err] = GuardLib::maxPayloadFields($data);
if (!$ok) {
return ResponseLib::sendFail($err['message'], 400, $err);
return ResponseLib::sendFail(
$err['message'],
400,
$err
);
}
[$ok, $err] = GuardLib::allowOnlyFields($data, array_keys($schema));
if (!$ok) {
return ResponseLib::sendFail($err['message'], 400, $err);
return ResponseLib::sendFail(
$err['message'],
400,
$err
);
}
[$ok, $err] = GuardLib::blockDangerousPatterns($data);
if (!$ok) {
return ResponseLib::sendFail($err['message'], 400, $err);
return ResponseLib::sendFail(
$err['message'],
400,
$err
);
}
[$ok, $err] = GuardLib::requiredBySchema($data, $schema);
if (!$ok) {
return ResponseLib::sendFail($err['message'], 422, $err);
return ResponseLib::sendFail(
$err['message'],
422,
$err
);
}
[$ok, $err] = GuardLib::validateBySchema($data, $schema);
if (!$ok) {
return ResponseLib::sendFail($err['message'], 422, $err);
return ResponseLib::sendFail(
$err['message'],
422,
$err
);
}
[, $data] = SanitizationLib::cleanBySchema($data, $schema);
[$ok, $result] = (new LeadModel())->insert($data);
[$ok, $result] = (new ClientModel())->insert($data);
if (!$ok) {
return ResponseLib::sendFail(
'Internal server error',
500,
['code' => 'DATABASE_ERROR']
[
'code' => 'DATABASE_ERROR'
]
);
}
self::sendEmails($data);
return ResponseLib::sendOk(
[
'lead_id' => $result['lead_id'],
'client_id' => $result['client_id'],
'status' => 'received'
],
201

70
src/Middleware/RateLimitMiddleware.php
View File

@ -1,70 +0,0 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Middleware;
use Bass\Webclient\Libs\ResponseLib;
use Psr\Http\Message\ServerRequestInterface;
use React\Http\Message\Response;
class RateLimitMiddleware
{
private int $maxRequests;
private int $windowSeconds;
private array $limits = [];
public function __construct(int $maxRequests = 30, int $windowSeconds = 60)
{
$this->maxRequests = $maxRequests;
$this->windowSeconds = $windowSeconds;
}
public function __invoke(
ServerRequestInterface $request,
callable $next
): Response {
$apiKey = $request->getHeaderLine('X-API-KEY');
if (!$apiKey) {
return ResponseLib::sendFail(
'Missing API key',
401,
['code' => 'MISSING_API_KEY']
);
}
// 🔒 rate-limit por API key (em memória)
if (!$this->allowRequest($apiKey)) {
return ResponseLib::sendFail(
'Rate limit exceeded',
429,
[
'code' => 'RATE_LIMIT_EXCEEDED',
'retry_after' => $this->windowSeconds
]
);
}
return $next($request);
}
/**
* In-memory rate-limit control
* (per process, per API key)
*/
private function allowRequest(string $key): bool
{
$now = time();
if (!isset($this->limits[$key]) || $now > $this->limits[$key]['reset']) {
$this->limits[$key] = [
'count' => 0,
'reset' => $now + $this->windowSeconds
];
}
$this->limits[$key]['count']++;
return $this->limits[$key]['count'] <= $this->maxRequests;
}
}

51
src/Model/ApiKeyModel.php
View File

@ -1,51 +0,0 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Model;
use Bass\Webclient\Model\ModelFactory;
class ApiKeyModel
{
public function findActiveByKey(string $apiKey): array
{
$sql = "
SELECT
user_api_key AS api_key,
user_api_secret AS api_secret,
user_status AS status,
user_id,
user_name AS username
FROM users
WHERE user_api_key = :api_key
AND user_status = 1
LIMIT 1
";
try {
$stmt = ModelFactory::db()->prepare($sql);
$stmt->execute(['api_key' => $apiKey]);
$row = $stmt->fetch();
if (!$row) {
return [
false,
[
'code' => 'API_KEY_NOT_FOUND',
'message' => 'Invalid API key'
]
];
}
return [true, $row];
} catch (\Throwable $e) {
return [
false,
[
'code' => 'AUTH_DB_ERROR',
'message' => 'Failed to query auth database'
]
];
}
}
}

66
src/Model/LeadModel.php
View File

@ -1,66 +0,0 @@
<?php
declare(strict_types=1);
namespace Bass\Webclient\Model;
use PDO;
use Bass\Webclient\Model\ModelFactory;
// TODO: ADD TAXID TO BE LIMIT ONE REQUEST PER VALID USER ID
class LeadModel
{
private PDO $db;
public function __construct()
{
$this->db = ModelFactory::db();
}
public function insert(array $data): array
{
$sql = "
INSERT INTO lead
(
lead_name,
lead_phone,
lead_email,
lead_company,
lead_sector,
lead_employees,
lead_revenue,
lead_description
)
VALUES
(
:name,
:phone,
:email,
:company_name,
:sector,
:number_of_employees,
:revenue,
:description
)
";
try {
$stmt = $this->db->prepare($sql);
$stmt->execute($data);
return [
true,
[
'lead_id' => (int) $this->db->lastInsertId()
]
];
} catch (\Throwable $e) {
return [
false,
[
'code' => 'DB_ERROR',
'message' => 'Failed to insert lead'
]
];
}
}
}

4
src/Schema/LeadSchema.php → src/Schema/ClientCreateSchema.php
View File

@ -3,7 +3,7 @@ declare(strict_types=1);
namespace Bass\Webclient\Schema;
class LeadSchema
class ClientCreateSchema
{
public static function schema(): array
{
@ -33,7 +33,7 @@ class LeadSchema
'max' => 60,
],
'number_of_employees' => [
'required' => true,
'required' => false,
'type' => 'int',
'min' => 1,
],

1
src/Service/LeadService.php
View File

@ -1 +0,0 @@
<!-- TODO: add a validation for cnpj or cpf -->

39
src/migration/auth_schema.sql Normal file
View File

@ -0,0 +1,39 @@
PRAGMA foreign_keys=ON;
CREATE TABLE
users (
user_id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL UNIQUE,
display_name TEXT,
email TEXT,
status TEXT NOT NULL DEFAULT 'active', -- active | disabled
created_at TEXT NOT NULL DEFAULT (datetime ('now'))
);
CREATE TABLE
api_keys (
api_key_id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER NOT NULL,
api_key TEXT NOT NULL UNIQUE,
api_secret TEXT NOT NULL,
status TEXT NOT NULL DEFAULT 'active', -- active | revoked
last_used_at TEXT,
created_at TEXT NOT NULL DEFAULT (datetime ('now')),
FOREIGN KEY (user_id) REFERENCES users (user_id)
);
CREATE TABLE
access_channels (
channel_id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER NOT NULL,
channel TEXT NOT NULL,
identifier TEXT, -- chat_id, phone, webhook_id
status TEXT NOT NULL DEFAULT 'active',
created_at TEXT NOT NULL DEFAULT (datetime ('now')),
FOREIGN KEY (user_id) REFERENCES users (user_id)
);
INSERT INTO
users (username, display_name, status)
VALUES
('system', 'System User', 'active');

39
src/migration/schema.sql
View File

@ -1,30 +1,13 @@
PRAGMA foreign_keys=ON;
-- TODO: ADD TAXID TO BE LIMIT ONE REQUEST PER VALID USER ID
CREATE TABLE
users (
user_id INTEGER PRIMARY KEY AUTOINCREMENT,
user_name TEXT NOT NULL UNIQUE,
user_source TEXT NOT NULL, -- web | api | telegram | whatsapp | system
user_api_key TEXT UNIQUE,
user_api_secret TEXT,
user_status INTEGER NOT NULL DEFAULT 1, -- 1 = active | 0 = disabled
user_flag TEXT, -- free text: admin, system, bot, etc
user_created_at INTEGER NOT NULL -- timestamp ms
);
CREATE TABLE
lead (
lead_id INTEGER PRIMARY KEY AUTOINCREMENT,
lead_source INTEGER,
lead_name TEXT NOT NULL,
lead_phone TEXT,
lead_email TEXT NOT NULL,
lead_company TEXT NOT NULL,
lead_sector TEXT NOT NULL,
lead_employees INTEGER NOT NULL,
lead_revenue TEXT NOT NULL,
lead_description TEXT,
lead_created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (lead_source) REFERENCES users (user_id) ON DELETE SET NULL
client_request (
id INTEGER PRIMARY KEY AUTOINCREMENT,
name TEXT NOT NULL,
phone TEXT,
email TEXT NOT NULL,
company_name TEXT NOT NULL,
sector TEXT NOT NULL,
number_of_employees INTEGER NOT NULL,
revenue TEXT NOT NULL,
description TEXT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);

6
test/request.sh
View File

@ -4,9 +4,9 @@ set -euo pipefail
# ========= CONFIG =========
URL="http://127.0.0.1:8080/v1/request"
API_KEY="4677fb5d0258618550bdceacaf0acf39e5a38de18855bb65"
API_SECRET="5177347e4209991841d6721d733c831caf3752424941a5c9d3560dccb5e40711df34f9df7a9dda667a26be21a7e699ac"
API_USER="my-client"
API_KEY="test_api_key"
API_SECRET="test_api_secret"
API_USER="test_user"
# ========= PAYLOAD =========
BODY='{