fix order of hash_equals

api.php

@@ -7528,11 +7528,7 @@ namespace Tqdev\PhpCrudApi\Middleware {
             switch ($algorithm[0]) {
                 case 'H':
                     $hash = hash_hmac($hmac, $data, $secret, true);
-                    if (function_exists('hash_equals')) {
-                        $equals = hash_equals($signature, $hash);
-                    } else {
-                        $equals = $signature == $hash;
-                    }
+                    $equals = hash_equals($hash, $signature);
                     if (!$equals) {
                         return array();
                     }