You've already forked wc-licensed-product
Add per-license customer secrets for API response verification
- Add static methods to ResponseSigner for deriving customer-specific secrets - Display "API Verification Secret" in customer account licenses page - Add collapsible secret section with copy button - Update server-implementation.md with per-license secret documentation - Update translations with new strings Each customer now gets a unique verification secret derived from their license key, eliminating the need to share the master server secret. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -65,6 +65,26 @@
|
||||
{% endif %}
|
||||
</span>
|
||||
</div>
|
||||
{% if signing_enabled and license.customer_secret %}
|
||||
<div class="license-row-secret">
|
||||
<button type="button" class="secret-toggle" aria-expanded="false">
|
||||
<span class="dashicons dashicons-lock"></span>
|
||||
{{ __('API Verification Secret') }}
|
||||
<span class="dashicons dashicons-arrow-down-alt2 toggle-arrow"></span>
|
||||
</button>
|
||||
<div class="secret-content" style="display: none;">
|
||||
<p class="secret-description">
|
||||
{{ __('Use this secret to verify signed API responses. Keep it secure.') }}
|
||||
</p>
|
||||
<div class="secret-value-wrapper">
|
||||
<code class="secret-value">{{ esc_html(license.customer_secret) }}</code>
|
||||
<button type="button" class="copy-secret-btn" data-secret="{{ esc_attr(license.customer_secret) }}" title="{{ __('Copy to clipboard') }}">
|
||||
<span class="dashicons dashicons-clipboard"></span>
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endfor %}
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user