fix: update admin token check logic and improve comments for clarity

feat: add condition to only delete manually added stocks from DB
docs: clarify stock notes saving method and Alpaca mode indicator fetching
chore: update binary database file
2026-05-16 22:20:29 +02:00
parent 17ba788419
commit 1eddb9173e
5 changed files with 8 additions and 5 deletions
+4 -2
@@ -1,6 +1,8 @@
export async function requireAdmin(request: Request) { export async function requireAdmin(request: Request) {
// Simple fallback: check x-admin-token header vs ADMIN_TOKEN // If ADMIN_TOKEN is not set, allow access (dev mode)
if (!process.env.ADMIN_TOKEN) return;
// Otherwise check the x-admin-token header
const token = request.headers.get('x-admin-token'); const token = request.headers.get('x-admin-token');
if (process.env.ADMIN_TOKEN && token === process.env.ADMIN_TOKEN) return; if (token === process.env.ADMIN_TOKEN) return;
throw new Response('Unauthorized', { status: 401 }); throw new Response('Unauthorized', { status: 401 });
} }
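Review bot: The added early return `if (!process.env.ADMIN_TOKEN) return;` makes requireAdmin fail open: if ADMIN_TOKEN is missing or empty in a deployment (a mistyped variable name, a secret that was never mounted), every caller passes the admin check, whereas the removed line answered 401 in that case. If the bypass is meant for local development only, tie it to an explicit signal, for example `if (!process.env.ADMIN_TOKEN && process.env.NODE_ENV !== 'production') return;`, and keep the old guard `if (process.env.ADMIN_TOKEN && token === process.env.ADMIN_TOKEN) return;` so that an empty token never matches an empty header. This assumes NODE_ENV is set to `production` where the app is deployed, which the page does not show. Separately, `===` on the token is not a constant-time comparison; `crypto.timingSafeEqual` over equal-length buffers is the usual replacement.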
+1
@@ -354,6 +354,7 @@ export default function Analyze() {
const stock = stocks.find((s) => s.id === id); const stock = stocks.find((s) => s.id === id);
if (!stock) return; if (!stock) return;
// Only delete from DB if it was manually added (db- prefix), not Alpaca positions
if (id.startsWith("db-")) { if (id.startsWith("db-")) {
try { try {
const formData = new FormData(); const formData = new FormData();
@@ -18,7 +18,7 @@ Replace the current bare-bones settings page (a flat list of JSON textareas) wit
- `trading.stopLossPercent` - number - `trading.stopLossPercent` - number
- `trading.riskMethod` - string ("fixed" | "percentage" | "atr") - `trading.riskMethod` - string ("fixed" | "percentage" | "atr")
- **Saves** via `PUT /api/admin/settings/:key` with optimistic UI update - **Saves** via `PUT /api/admin/settings/:key` with optimistic UI update
- **Stock notes** saved via `POST /api/stocks` with ticker + notes - **Stock notes** saved via `POST /api/stocks` with FormData: `{ ticker, notes }`
- **Loading state** shown while initial fetch completes - **Loading state** shown while initial fetch completes
### Layout ### Layout
@@ -48,7 +48,7 @@ Replace the current bare-bones settings page (a flat list of JSON textareas) wit
- Pagination if >20 stocks - Pagination if >20 stocks
### System ### System
- Alpaca mode indicator (paper/live) - read-only, derived from env - Alpaca mode indicator (paper/live) - read-only, fetched from `/api/alpaca/account` or derived from `ALPACA_BASE_URL` env var
- Admin token management - Admin token management
- Fallback JSON textarea for any raw `AppSetting` keys not covered above - Fallback JSON textarea for any raw `AppSetting` keys not covered above
+1 -1
@@ -87,4 +87,4 @@ Error generating stack: `+l.message+`
<div id='root'></div> <div id='root'></div>
</body> </body>
</html> </html>
<template id="playwrightReportBase64">data:application/zip;base64,UEsDBBQAAAgIACp6sFyJhsd9+wAAAHEBAAALAAAAcmVwb3J0Lmpzb25VkEFPwzAMhf+K5XPUbXSlLPdducAN7WBabw1Nk8hxYNO0/466AhI+fe/Zsp7eFSdW6kkJ7fVmMCuJvrqJ0W7a9mlXt9vtpnmsDfZFSF0MaB/WVbOrd39TtwaPznNG+3YwmCR+cKfPNP06WUkz2itqVPJo1wb5nLhT7u+ihH/y6Gm83CmPLqUfN45oVQrfDLJIlPk37meyMKgmu1r52JEfYlbbbNoaXAbywtRfoGTuDUw0MuQiDDqQQog6uHCa76SEMGMMoANDiqKrIh6iQGYF4ZJ5f3ZZXTi9sHyy3LOAC9DFcHSn6ovfl0WFB4MxzVXlpdOJusGFpYzbN1BLAQI/AxQAAAgIACp6sFyJhsd9+wAAAHEBAAALAAAAAAAAAAAAAAC0gQAAAAByZXBvcnQuanNvblBLBQYAAAAAAQABADkAAAAkAQAAAAA=</template> <template id="playwrightReportBase64">data:application/zip;base64,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</template>
BIN
Binary file not shown.