c9d8e0c7e6
SECURITY CLEANUP COMPLETED High Priority - Sensitive Data Removed: - Delete directus_ecosystem_with_keys.js (contained DB password & API keys) - Delete directus_ecosystem_updated.js (contained credentials) - Delete directus_ecosystem_final.js (CRITICAL: real OpenAI API key) - Delete temp_server.env (complete production secrets) - Delete check_config.js (API key inspection script) - Delete extract_keys.ps1/.bat (key extraction scripts) - Delete fix_database_url.sh (server IP & SSH paths) - Delete setup_fcm_server.sh (sensitive config procedures) Medium Priority - AI-Generated Test Files: - Delete 5 test JavaScript files (OpenAI, Go backend, Vision API tests) - Delete 10 test registration JSON files (registration flow tests) - Delete 4 temporary Go files (AI-generated patches) Low Priority - Temporary Artifacts: - Delete _tmp_* files and directories - Delete log files (api_logs.txt, web_errors.log, flutter_01.log, log.ini) - Delete import requests.py (Python test script) Files Secured (Legitimate): - Keep .env file (contains legitimate production secrets) - Keep production scripts and configuration files - Keep organized migrations and documentation Cleanup Summary: - 30+ files removed - Risk level: HIGH LOW - No exposed API keys or credentials - Clean project structure - Enhanced security posture Documentation Added: - SECURITY_AUDIT_CLEANUP.md - Complete audit report - SQL_MIGRATION_ORGANIZATION.md - Migration organization guide - ENHANCED_REGISTRATION_FLOW.md - Registration system docs - TURNSTILE_INTEGRATION_COMPLETE.md - Security integration docs - USER_APPEAL_SYSTEM.md - Appeal system documentation Benefits: - Eliminated API key exposure - Removed sensitive server information - Clean AI-generated test artifacts - Professional project organization - Enhanced security practices - Comprehensive documentation
2.3 KiB
2.3 KiB
🚀 Setup API Keys for AI Moderation
📋 Quick Setup Instructions
1. Update Directus Configuration
The ecosystem config file has been transferred to the server at /tmp/directus_ecosystem_final.js.
Option A: Edit on Server
ssh patrick@194.238.28.122
nano /tmp/directus_ecosystem_final.js
# Replace the placeholder keys with your actual keys
Option B: Edit Locally & Transfer
- Open
c:\Webs\Sojorn\directus_ecosystem_final.js - Replace these lines:
OPENAI_API_KEY: 'sk-YOUR_OPENAI_API_KEY_HERE', // ← Replace with your key GOOGLE_VISION_API_KEY: 'YOUR_GOOGLE_VISION_API_KEY_HERE', // ← Replace with your key - Save and transfer:
scp "c:\Webs\Sojorn\directus_ecosystem_final.js" patrick@194.238.28.122:/tmp/
2. Apply Configuration
ssh patrick@194.238.28.122
cp /tmp/directus_ecosystem_final.js /home/patrick/directus/ecosystem.config.js
pm2 restart directus --update-env
3. Verify Setup
# Check Directus is running
curl -I https://cms.sojorn.net/admin
# Check API keys are loaded
pm2 logs directus --lines 5
🔑 Where to Find Your API Keys
OpenAI API Key
- Go to: https://platform.openai.com/api-keys
- Copy your key (starts with
sk-) - Format:
sk-proj-...orsk-...
Google Vision API Key
- Go to: https://console.cloud.google.com/apis/credentials
- Find your Vision API key
- Format: alphanumeric string
✅ Verification
Once configured, you can test the AI moderation:
- Access Directus: https://cms.sojorn.net/admin
- Navigate to Collections: Look for
moderation_flags - Test Content: Create a test post with content that should be flagged
- Check Results: Flags should appear in the moderation queue
🚨 Important Notes
- Keep keys secure: Don't commit them to git
- Rate limits: OpenAI has rate limits (60 requests/min for free tier)
- Billing: Both services charge per API call
- Fallback: System will use keyword detection if APIs fail
🎯 Next Steps
After setting up API keys:
- ✅ Test with sample content
- ✅ Configure Directus moderation interface
- ✅ Set up user status management
- ✅ Monitor API usage and costs
Your AI moderation system is ready to go! 🚀