henry/AITrader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: update admin token check logic and improve comments for clarity

Browse Source 
feat: add condition to only delete manually added stocks from DB
docs: clarify stock notes saving method and Alpaca mode indicator fetching
chore: update binary database file
This commit is contained in:
henry
2026-05-16 22:20:29 +02:00
parent 17ba788419
commit 1eddb9173e
5 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/lib/auth.server.ts
+4 -2
View File
@@ -1,6 +1,8 @@
export async function requireAdmin(request: Request) {
// Simple fallback: check x-admin-token header vs ADMIN_TOKEN
// If ADMIN_TOKEN is not set, allow access (dev mode)
if (!process.env.ADMIN_TOKEN) return;
// Otherwise check the x-admin-token header
const token = request.headers.get('x-admin-token');
if (process.env.ADMIN_TOKEN && token === process.env.ADMIN_TOKEN) return;
if (token === process.env.ADMIN_TOKEN) return;
throw new Response('Unauthorized', { status: 401 });
}
app/routes/analyze.tsx
+1
View File
@@ -354,6 +354,7 @@ export default function Analyze() {
const stock = stocks.find((s) => s.id === id);
if (!stock) return;
// Only delete from DB if it was manually added (db- prefix), not Alpaca positions
if (id.startsWith("db-")) {
try {
const formData = new FormData();