From 477a30c2ebcb2b3a4b4dbd4004688322b01f5397 Mon Sep 17 00:00:00 2001
From: kikootwo <folcards@yahoo.com>
Date: Mon, 22 Dec 2025 09:57:27 -0500
Subject: [PATCH] Update .gitignore and mask 'secret' in settings API

Added /cache, /redis, and /pgdata to .gitignore to prevent committing local data directories. Updated the admin settings API to also mask values for keys containing 'secret' in addition to other sensitive keys.
---
 .gitignore                          | 5 ++++-
 src/app/api/admin/settings/route.ts | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index 03427a2..4167627 100644
--- a/.gitignore
+++ b/.gitignore
@@ -48,4 +48,7 @@ next-env.d.ts
 /media
 
 /src/generated/prisma
-/RMAB
\ No newline at end of file
+/RMAB
+/cache
+/redis
+/pgdata
\ No newline at end of file
diff --git a/src/app/api/admin/settings/route.ts b/src/app/api/admin/settings/route.ts
index b7080c5..666ef55 100644
--- a/src/app/api/admin/settings/route.ts
+++ b/src/app/api/admin/settings/route.ts
@@ -17,7 +17,7 @@ export async function GET(request: NextRequest) {
 
     // Mask sensitive values
     const maskValue = (key: string, value: string | null | undefined) => {
-      const sensitiveKeys = ['token', 'api_key', 'password'];
+      const sensitiveKeys = ['token', 'api_key', 'password', 'secret'];
       if (value && sensitiveKeys.some((k) => key.includes(k))) {
         return '••••••••••••';
       }