feat: add TRANSPORT_ENCRYPTION toggle for easier deployment

- Add TRANSPORT_ENCRYPTION env config (default: false)
- Allow HTTP/IP access when transport encryption is disabled
- Add /api/crypto/config endpoint to expose encryption status
- Update WebCryptoEnvironmentCheck with 'disabled' status
- Update ExchangeConfigModal and AITradersPage to allow form submission when disabled
- Add i18n translations for disabled status (EN/CN)
- Update README with two deployment modes documentation
This commit is contained in:
tinkle-community
2025-12-09 18:04:42 +08:00
parent 5f3797e255
commit c720d663f1
11 changed files with 225 additions and 13 deletions

View File

@@ -963,6 +963,9 @@ export const translations = {
unsupportedDesc:
'Open NOFX over HTTPS (or http://localhost during development) and avoid insecure iframes/reverse proxies so the browser can enable Web Crypto.',
summary: 'Current origin: {origin} • Protocol: {protocol}',
disabledTitle: 'Transport encryption disabled',
disabledDesc:
'Server-side transport encryption is disabled. API keys will be transmitted in plaintext. Enable TRANSPORT_ENCRYPTION=true for enhanced security.',
},
environmentSteps: {
@@ -1905,6 +1908,9 @@ export const translations = {
unsupportedDesc:
'请通过 HTTPS 或本机 localhost 访问 NOFX并避免嵌入不安全 iframe/反向代理,以符合浏览器的 Web Crypto 规则。',
summary: '当前来源:{origin} · 协议:{protocol}',
disabledTitle: '传输加密已禁用',
disabledDesc:
'服务端传输加密已关闭API 密钥将以明文传输。如需增强安全性,请设置 TRANSPORT_ENCRYPTION=true。',
},
environmentSteps: {