getApiKey()
This function reverses a lightweight XOR 'encryption' so the raw API key never appears in plain text in the source file. It's called once in setup() to reconstruct API_KEY.
function getApiKey(){
return atob(encoded).split('').map(c=>String.fromCharCode(c.charCodeAt(0)^key)).join('');
}
Line-by-line explanation (3 lines)
🔧 Subcomponents:
.map(c=>String.fromCharCode(c.charCodeAt(0)^key))
Reverses a simple XOR obfuscation applied to each character of the encoded key
return atob(encoded).split('')- atob() decodes the base64 string `encoded` back into raw text, then split('') turns it into an array of individual characters
.map(c=>String.fromCharCode(c.charCodeAt(0)^key))- For every character, this gets its numeric character code, XORs it with the constant `key` (0x5A), and converts the result back into a character - this undoes the same XOR operation used to scramble the key originally
.join('')- Joins the array of decrypted characters back into a single string, producing the real OpenAI API key