From 0e3fe5fd8acc7e634bbf1d52f8b89ab95b6cd23b Mon Sep 17 00:00:00 2001
From: merelendor <merelendor@gmail.com>
Date: Sat, 30 Nov 2024 11:32:11 +0000
Subject: [PATCH] security audit fixes: task ID 12: remove /api/account/token/
 method

---
 api/index.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/api/index.php b/api/index.php
index bf6fabe..79b6b6f 100644
--- a/api/index.php
+++ b/api/index.php
@@ -2598,12 +2598,14 @@ switch($PARAM_1)
 	{
 		switch($PARAM_2)
 		{
+			/* DEPRECATED & DISABLED due to security reasons
 			case "token":
 			{
 				print \Bitrix\Main\Web\JWT::encode(["acc_number" => $REQ['acc_number']], $secret, 'HS256', null, null);
 				die();
 			}
 			break;
+			*/
 
 			case "recovery":
 			{