feat: add TRANSPORT_ENCRYPTION toggle for easier deployment

- Add TRANSPORT_ENCRYPTION env config (default: false)
- Allow HTTP/IP access when transport encryption is disabled
- Add /api/crypto/config endpoint to expose encryption status
- Update WebCryptoEnvironmentCheck with 'disabled' status
- Update ExchangeConfigModal and AITradersPage to allow form submission when disabled
- Add i18n translations for disabled status (EN/CN)
- Update README with two deployment modes documentation
This commit is contained in:
tinkle-community
2025-12-09 18:04:42 +08:00
parent 5f3797e255
commit c720d663f1
11 changed files with 225 additions and 13 deletions

View File

@@ -3,6 +3,7 @@ package api
import (
"log"
"net/http"
"nofx/config"
"nofx/crypto"
"github.com/gin-gonic/gin"
@@ -20,15 +21,35 @@ func NewCryptoHandler(cryptoService *crypto.CryptoService) *CryptoHandler {
}
}
// ==================== Crypto Config Endpoint ====================
// HandleGetCryptoConfig Get crypto configuration
func (h *CryptoHandler) HandleGetCryptoConfig(c *gin.Context) {
cfg := config.Get()
c.JSON(http.StatusOK, gin.H{
"transport_encryption": cfg.TransportEncryption,
})
}
// ==================== Public Key Endpoint ====================
// HandleGetPublicKey Get server public key
func (h *CryptoHandler) HandleGetPublicKey(c *gin.Context) {
publicKey := h.cryptoService.GetPublicKeyPEM()
cfg := config.Get()
if !cfg.TransportEncryption {
c.JSON(http.StatusOK, gin.H{
"public_key": "",
"algorithm": "",
"transport_encryption": false,
})
return
}
c.JSON(http.StatusOK, map[string]string{
"public_key": publicKey,
"algorithm": "RSA-OAEP-2048",
publicKey := h.cryptoService.GetPublicKeyPEM()
c.JSON(http.StatusOK, gin.H{
"public_key": publicKey,
"algorithm": "RSA-OAEP-2048",
"transport_encryption": true,
})
}