Replace the real location ID in FUTURE_DEV.md example with a placeholder
to avoid trivy-secrets false positive. Also sanitize the cast_api_key
comment in admin.go and add .trivyignore to exclude documentation files
from the secret scanner.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Replace errors.New("location not found") string with a package-level
sentinel var so callers can use errors.Is() instead of string comparison,
which errorlint flags as unsafe.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Each GHL location can now have its own Cast API key and sender ID stored
in MongoDB. Falls back to global CAST_API_KEY / CAST_SENDER_ID env vars
when not set per-location.
Admin endpoints (all require Authorization: Bearer <INBOUND_API_KEY>):
GET /api/admin/locations — list all locations
GET /api/admin/locations/{locationId}/config — get location config
PUT /api/admin/locations/{locationId}/config — set sender_id + cast_api_key
Cast API key is masked in GET responses (first 12 chars + "...").
Replaces the /sender-id endpoint deployed in the previous commit.
Also adds FUTURE_DEV.md documenting the migration path to Infisical
for secret management, plus MongoDB security hardening checklist.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Allows each GHL sub-account to use a different Cast sender ID instead of
the global CAST_SENDER_ID default.
- store.TokenRecord gains a sender_id field (MongoDB)
- store.UpdateSenderID method to set it per location
- cast.Client.SendSMS accepts a senderID override param (empty = use
client-level default)
- webhook.processOutbound reads the location's sender_id from the token
record and passes it to Cast
- new admin handler: PUT /api/admin/locations/{locationId}/sender-id
protected by Authorization: Bearer <INBOUND_API_KEY>
Co-Authored-By: Paperclip <noreply@paperclip.ing>
