feat: add TRANSPORT_ENCRYPTION toggle for easier deployment

- Add TRANSPORT_ENCRYPTION env config (default: false)
- Allow HTTP/IP access when transport encryption is disabled
- Add /api/crypto/config endpoint to expose encryption status
- Update WebCryptoEnvironmentCheck with 'disabled' status
- Update ExchangeConfigModal and AITradersPage to allow form submission when disabled
- Add i18n translations for disabled status (EN/CN)
- Update README with two deployment modes documentation
This commit is contained in:
tinkle-community
2025-12-09 18:04:42 +08:00
parent 5f3797e255
commit c720d663f1
11 changed files with 225 additions and 13 deletions

View File

@@ -16,6 +16,11 @@ type Config struct {
APIServerPort int
JWTSecret string
RegistrationEnabled bool
// Security configuration
// TransportEncryption enables browser-side encryption for API keys
// Requires HTTPS or localhost. Set to false for HTTP access via IP.
TransportEncryption bool
}
// Init initializes global configuration (from .env)
@@ -43,6 +48,12 @@ func Init() {
}
}
// Transport encryption: default false for easier deployment
// Set TRANSPORT_ENCRYPTION=true to enable (requires HTTPS or localhost)
if v := os.Getenv("TRANSPORT_ENCRYPTION"); v != "" {
cfg.TransportEncryption = strings.ToLower(v) == "true"
}
global = cfg
}