mirror of
https://github.com/NoFxAiOS/nofx.git
synced 2026-07-11 23:07:01 +08:00
Fix(readme): modify docoments (#956)
* fix(trader): get peakPnlPct using posKey * fix(docs): keep readme at the same page --------- Co-authored-by: zbhan <zbhan@freewheel.tv>
This commit is contained in:
43
README.md
43
README.md
@@ -31,7 +31,6 @@
|
||||
- [🧠 AI Self-Learning](#-ai-self-learning-example)
|
||||
- [📊 Web Interface Features](#-web-interface-features)
|
||||
- [🎛️ API Endpoints](#️-api-endpoints)
|
||||
- [🔐 Admin Mode (Single-User)](#-admin-mode-single-user)
|
||||
- [⚠️ Important Risk Warnings](#️-important-risk-warnings)
|
||||
- [🛠️ Common Issues](#️-common-issues)
|
||||
- [📈 Performance Tips](#-performance-optimization-tips)
|
||||
@@ -245,48 +244,6 @@ NOFX is built with a modern, modular architecture:
|
||||
|
||||
---
|
||||
|
||||
## 🔐 Admin Mode (Single-User)
|
||||
|
||||
For self-hosted or single-tenant setups, NOFX supports a strict admin-only mode that disables public features and requires an admin password for all access.
|
||||
|
||||
### How it works
|
||||
- All API endpoints require a valid JWT when `admin_mode=true`, except:
|
||||
- `GET /api/health`
|
||||
- `GET /api/config`
|
||||
- `POST /api/admin-login`
|
||||
- Logout invalidates the current token via an in-memory blacklist (sufficient for single instance; use Redis for multi-instance – see Notes).
|
||||
|
||||
### Quick setup
|
||||
1) Set flags in `config.json`:
|
||||
```jsonc
|
||||
{
|
||||
// ... other config
|
||||
"admin_mode": true,
|
||||
"jwt_secret": "YOUR_JWT_SCR"
|
||||
}
|
||||
```
|
||||
|
||||
2) Provide required environment variables:
|
||||
- `NOFX_ADMIN_PASSWORD` — plaintext admin password (only used at startup to derive a bcrypt hash)
|
||||
|
||||
Docker Compose example (already wired):
|
||||
```yaml
|
||||
services:
|
||||
nofx:
|
||||
environment:
|
||||
- NOFX_ADMIN_PASSWORD=${NOFX_ADMIN_PASSWORD}
|
||||
```
|
||||
|
||||
1) Login flow (admin mode):
|
||||
- Open the web UI → you’ll be redirected to the login page
|
||||
- Enter admin password → the server returns a JWT
|
||||
- The UI stores the token and authenticates subsequent API calls
|
||||
|
||||
### Notes
|
||||
- Token lifetime: 24h. On logout, tokens are blacklisted in-memory until expiry. For multi-instance deployments, use a shared store (e.g., Redis) to sync the blacklist.
|
||||
|
||||
---
|
||||
|
||||
## 💰 Register Binance Account (Save on Fees!)
|
||||
|
||||
Before using this system, you need a Binance Futures account. **Use our referral link to save on trading fees:**
|
||||
|
||||
Reference in New Issue
Block a user