feat: exchange api security handle

This commit is contained in:
icy
2025-11-07 16:22:56 +08:00
parent 5e5a1df1a7
commit b715020d35
4 changed files with 52 additions and 47 deletions

View File

@@ -150,30 +150,9 @@ export function AITradersPage({ onTraderSelect }: AITradersPageProps) {
allExchanges?.filter((e) => {
if (!e.enabled) return false
// Aster 交易所需要特殊字段
if (e.id === 'aster') {
return (
e.asterUser &&
e.asterUser.trim() !== '' &&
e.asterSigner &&
e.asterSigner.trim() !== '' &&
e.asterPrivateKey &&
e.asterPrivateKey.trim() !== ''
)
}
// Hyperliquid 只需要私钥作为apiKey钱包地址会自动从私钥生成
if (e.id === 'hyperliquid') {
return e.apiKey && e.apiKey.trim() !== ''
}
// Binance 等其他交易所需要 apiKey 和 secretKey
return (
e.apiKey &&
e.apiKey.trim() !== '' &&
e.secretKey &&
e.secretKey.trim() !== ''
)
// 由于API不再返回敏感字段信息只能基于enabled状态判断
// 实际的配置验证将在后端进行
return true
}) || []
// 检查模型是否正在被运行中的交易员使用
@@ -818,7 +797,7 @@ export function AITradersPage({ onTraderSelect }: AITradersPageProps) {
</div>
</div>
<div
className={`w-2.5 h-2.5 md:w-3 md:h-3 rounded-full flex-shrink-0 ${exchange.enabled && exchange.apiKey ? 'bg-green-400' : 'bg-gray-500'}`}
className={`w-2.5 h-2.5 md:w-3 md:h-3 rounded-full flex-shrink-0 ${exchange.enabled ? 'bg-green-400' : 'bg-gray-500'}`}
/>
</div>
)
@@ -1691,21 +1670,18 @@ function ExchangeConfigModal({
? t('hyperliquidExchangeName', language)
: undefined
// 如果是编辑现有交易所,初始化表单数据
// 如果是编辑现有交易所,清空所有敏感字段以保证安全
useEffect(() => {
if (editingExchangeId && selectedExchange) {
setApiKey(selectedExchange.apiKey || '')
setSecretKey(selectedExchange.secretKey || '')
setPassphrase('') // Don't load existing passphrase for security
// 编辑模式下清空所有敏感字段,用户需要重新输入
setApiKey('')
setSecretKey('')
setPassphrase('')
setTestnet(selectedExchange.testnet || false)
// Hyperliquid 字段
setHyperliquidWalletAddr(selectedExchange.hyperliquidWalletAddr || '')
// Aster 字段
setAsterUser(selectedExchange.asterUser || '')
setAsterSigner(selectedExchange.asterSigner || '')
setAsterPrivateKey('') // Don't load existing private key for security
setHyperliquidWalletAddr('')
setAsterUser('')
setAsterSigner('')
setAsterPrivateKey('')
}
}, [editingExchangeId, selectedExchange])

View File

@@ -12,6 +12,11 @@ export class CryptoService {
private static publicKeyPEM: string | null = null;
static async initialize(publicKeyPEM: string) {
// 检查 Web Crypto API 是否可用
if (!window.crypto || !window.crypto.subtle) {
throw new Error('Web Crypto API is not available. Please use HTTPS or localhost to access the application.');
}
if (this.publicKey && this.publicKeyPEM === publicKeyPEM) {
return;
}

View File

@@ -108,19 +108,14 @@ export interface AIModel {
export interface Exchange {
id: string
user_id: string
name: string
type: 'cex' | 'dex'
enabled: boolean
apiKey?: string
secretKey?: string
testnet?: boolean
// Hyperliquid 特定字段
hyperliquidWalletAddr?: string
// Aster 特定字段
asterUser?: string
asterSigner?: string
asterPrivateKey?: string
deleted?: boolean
deleted: boolean
created_at: string
updated_at: string
}
export interface CreateTraderRequest {