Fix: 提示词, 竞赛数据接口在管理员模式下转为公开 (#607)

* 提示词, 竞赛数据接口在管理员模式下转为公开

* Fix "go vet" error
This commit is contained in:
Burt
2025-11-06 20:42:43 +08:00
committed by GitHub
parent cb5edffe03
commit fce3441aff
5 changed files with 23 additions and 32 deletions

3
.gitignore vendored
View File

@@ -44,3 +44,6 @@ web/.vite/
# ESLint 临时报告文件(调试时生成,不纳入版本控制)
eslint-*.json
# VS code
.vscode

View File

@@ -252,7 +252,6 @@ For self-hosted or single-tenant setups, NOFX supports a strict admin-only mode
- `GET /api/health`
- `GET /api/config`
- `POST /api/admin-login`
- Registration is gated by `allow_registration` in `config.json` (default: `true`). When `admin_mode=true`, registration is blocked regardless of this flag.
- Logout invalidates the current token via an in-memory blacklist (sufficient for single instance; use Redis for multi-instance see Notes).
### Quick setup

View File

@@ -81,32 +81,28 @@ func (s *Server) setupRoutes() {
api.GET("/supported-models", s.handleGetSupportedModels)
api.GET("/supported-exchanges", s.handleGetSupportedExchanges)
// 非管理员模式下的公开认证路由
// 系统配置(无需认证,用于前端判断是否管理员模式/注册是否开启)
api.GET("/config", s.handleGetSystemConfig)
// 系统提示词模板管理(无需认证)
api.GET("/prompt-templates", s.handleGetPromptTemplates)
api.GET("/prompt-templates/:name", s.handleGetPromptTemplate)
// 公开的竞赛数据(无需认证)
api.GET("/traders", s.handlePublicTraderList)
api.GET("/competition", s.handlePublicCompetition)
api.GET("/top-traders", s.handleTopTraders)
api.GET("/equity-history", s.handleEquityHistory)
api.POST("/equity-history-batch", s.handleEquityHistoryBatch)
api.GET("/traders/:id/public-config", s.handleGetPublicTraderConfig)
// 仅在非管理员模式下的路由
if !auth.IsAdminMode() {
// 认证相关路由(无需认证)
api.POST("/register", s.handleRegister)
api.POST("/login", s.handleLogin)
api.POST("/verify-otp", s.handleVerifyOTP)
api.POST("/complete-registration", s.handleCompleteRegistration)
}
// 系统配置(无需认证,用于前端判断是否管理员模式/注册是否开启)
api.GET("/config", s.handleGetSystemConfig)
// 系统提示词模板管理(仅在非管理员模式下公开)
if !auth.IsAdminMode() {
// 系统提示词模板管理(无需认证)
api.GET("/prompt-templates", s.handleGetPromptTemplates)
api.GET("/prompt-templates/:name", s.handleGetPromptTemplate)
// 公开的竞赛数据(无需认证)
api.GET("/traders", s.handlePublicTraderList)
api.GET("/competition", s.handlePublicCompetition)
api.GET("/top-traders", s.handleTopTraders)
api.GET("/equity-history", s.handleEquityHistory)
api.POST("/equity-history-batch", s.handleEquityHistoryBatch)
api.GET("/traders/:id/public-config", s.handleGetPublicTraderConfig)
}
// 需要认证的路由
@@ -1578,13 +1574,6 @@ func (s *Server) handleRegister(c *gin.Context) {
return
}
// 若未开启注册返回403
allowRegStr, _ := s.database.GetSystemConfig("allow_registration")
if allowRegStr == "false" {
c.JSON(http.StatusForbidden, gin.H{"error": "注册已关闭"})
return
}
var req struct {
Email string `json:"email" binding:"required,email"`
Password string `json:"password" binding:"required,min=6"`

View File

@@ -1047,7 +1047,7 @@ func (t *AsterTrader) CancelStopLossOrders(symbol string) error {
_, err := t.request("DELETE", "/fapi/v1/order", cancelParams)
if err != nil {
errMsg := fmt.Sprintf("订单ID %d: %v", int64(orderID), err)
cancelErrors = append(cancelErrors, fmt.Errorf(errMsg))
cancelErrors = append(cancelErrors, fmt.Errorf("%s", errMsg))
log.Printf(" ⚠ 取消止损单失败: %s", errMsg)
continue
}
@@ -1106,7 +1106,7 @@ func (t *AsterTrader) CancelTakeProfitOrders(symbol string) error {
_, err := t.request("DELETE", "/fapi/v1/order", cancelParams)
if err != nil {
errMsg := fmt.Sprintf("订单ID %d: %v", int64(orderID), err)
cancelErrors = append(cancelErrors, fmt.Errorf(errMsg))
cancelErrors = append(cancelErrors, fmt.Errorf("%s", errMsg))
log.Printf(" ⚠ 取消止盈单失败: %s", errMsg)
continue
}

View File

@@ -519,7 +519,7 @@ func (t *FuturesTrader) CancelStopLossOrders(symbol string) error {
if err != nil {
errMsg := fmt.Sprintf("订单ID %d: %v", order.OrderID, err)
cancelErrors = append(cancelErrors, fmt.Errorf(errMsg))
cancelErrors = append(cancelErrors, fmt.Errorf("%s", errMsg))
log.Printf(" ⚠ 取消止损单失败: %s", errMsg)
continue
}
@@ -569,7 +569,7 @@ func (t *FuturesTrader) CancelTakeProfitOrders(symbol string) error {
if err != nil {
errMsg := fmt.Sprintf("订单ID %d: %v", order.OrderID, err)
cancelErrors = append(cancelErrors, fmt.Errorf(errMsg))
cancelErrors = append(cancelErrors, fmt.Errorf("%s", errMsg))
log.Printf(" ⚠ 取消止盈单失败: %s", errMsg)
continue
}