fix: Bybit shared HTTP client, auth token bugs, consistent safe.ReadAllLimited

- Bybit: replace http.Get/http.DefaultClient with shared bybitHTTPClient (30s timeout, connection pooling)
- Frontend: fix resetPassword missing auth token (endpoint now requires auth)
- Frontend: fix SettingsPage using wrong localStorage key ('token' → 'auth_token')
- Agent: migrate remaining io.ReadAll(io.LimitReader()) to safe.ReadAllLimited for consistency
- Remove unused 'io' imports from brain.go and sentinel.go
This commit is contained in:
shinchan-zhai
2026-03-23 11:28:54 +08:00
parent b9c9f05603
commit bb459d6f9f
8 changed files with 21 additions and 12 deletions

View File

@@ -250,10 +250,12 @@ export function AuthProvider({ children }: { children: React.ReactNode }) {
const resetPassword = async (email: string, newPassword: string) => {
try {
const savedToken = token || localStorage.getItem('auth_token')
const response = await fetch('/api/reset-password', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
...(savedToken ? { Authorization: `Bearer ${savedToken}` } : {}),
},
body: JSON.stringify({
email,

View File

@@ -64,7 +64,7 @@ export function SettingsPage() {
method: 'PUT',
headers: {
'Content-Type': 'application/json',
Authorization: `Bearer ${localStorage.getItem('token') || ''}`,
Authorization: `Bearer ${localStorage.getItem('auth_token') || ''}`,
},
body: JSON.stringify({ new_password: newPassword }),
})