disable swagger + update cors for production

2025-10-31 00:55:29 +07:00
parent 29685fd68d
commit 758e376381
6 changed files with 85 additions and 73 deletions
--- a/src/Managing.Api/HealthChecks/CandleDataDetailedHealthCheck.cs
+++ b/src/Managing.Api/HealthChecks/CandleDataDetailedHealthCheck.cs
@@ -140,3 +140,4 @@ namespace Managing.Api.HealthChecks
    }
 }

+
--- a/src/Managing.Api/Models/Requests/IndicatorRequestDto.cs
+++ b/src/Managing.Api/Models/Requests/IndicatorRequestDto.cs
@@ -1,43 +1,23 @@
-#nullable enable
-
 using System.ComponentModel.DataAnnotations;

 namespace Managing.Api.Models.Requests;

-/// <summary>
-/// Request model for submitting indicator requests to N8n webhook
-/// </summary>
 public class IndicatorRequestDto
 {
-    /// <summary>
-    /// Name of the indicator (e.g., "MACD", "RSI", "Bollinger Bands")
-    /// </summary>
    [Required]
    [StringLength(200, MinimumLength = 4, ErrorMessage = "Indicator name must be between 4 and 200 characters.")]
    public string IndicatorName { get; set; } = string.Empty;

-    /// <summary>
-    /// Strategy or description of how the indicator is used (e.g., "MACD Cross", "RSI Divergence")
-    /// </summary>
    [Required]
    [StringLength(1000, MinimumLength = 10, ErrorMessage = "Strategy description must be between 10 and 1000 characters.")]
    public string StrategyDescription { get; set; } = string.Empty;

-    /// <summary>
-    /// Primary documentation URL for the indicator
-    /// </summary>
    [Url(ErrorMessage = "Documentation URL must be a valid URL.")]
    public string? DocumentationUrl { get; set; }

-    /// <summary>
-    /// Image URL for the indicator (optional) - can be a chart, diagram, or visual representation
-    /// </summary>
    [Url(ErrorMessage = "Image URL must be a valid URL.")]
    public string? ImageUrl { get; set; }

-    /// <summary>
-    /// Telegram account handle of the person requesting the indicator (e.g., "cryptooda")
-    /// </summary>
    [Required]
    [RegularExpression(@"^(?=(?:[0-9_]*[a-z]){3})[a-z0-9_]{5,}$", 
        ErrorMessage = "Requester name must be a valid Telegram handle (lowercase letters, numbers, underscores only, minimum 5 characters with at least 3 letters).")]
--- a/src/Managing.Api/Program.cs
+++ b/src/Managing.Api/Program.cs
@@ -243,16 +243,33 @@ builder.Services
        };
    });

-builder.Services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
+// Configure CORS from configuration (appsettings.json)
+var allowedCorsOrigins = builder.Configuration
+    .GetSection("Cors:AllowedOrigins")
+    .Get<string[]>() ?? Array.Empty<string>();
+
+builder.Services.AddCors(options =>
 {
-    builder
-        .SetIsOriginAllowed((host) => true)
-        .AllowAnyOrigin()
-        .WithOrigins("http://localhost:3000/")
+    options.AddPolicy("CorsPolicy", policy =>
+    {
+        if (allowedCorsOrigins.Length > 0)
+        {
+            policy
+                .WithOrigins(allowedCorsOrigins)
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials();
-}));
+        }
+        else
+        {
+            // Fallback for development if no origins configured
+            policy
+                .AllowAnyMethod()
+                .AllowAnyHeader()
+                .SetIsOriginAllowed(_ => true);
+        }
+    });
+});

 builder.Services.AddSignalR().AddJsonProtocol();
 builder.Services.AddScoped<IJwtUtils, JwtUtils>();
@@ -262,6 +279,9 @@ builder.Services.RegisterApiDependencies(builder.Configuration);
 // Orleans is always configured, but grains can be controlled
 builder.Host.ConfigureOrleans(builder.Configuration, builder.Environment.IsProduction());
 builder.Services.AddHostedServices();
+var enableSwagger = builder.Configuration.GetValue<bool>("EnableSwagger", builder.Environment.IsDevelopment());
+if (enableSwagger)
+{
    builder.Services.AddEndpointsApiExplorer();
    builder.Services.AddOpenApiDocument(document =>
    {
@@ -303,6 +323,7 @@ builder.Services.AddSwaggerGen(options =>
            }
        });
    });
+}

 builder.WebHost.SetupDiscordBot();

@@ -310,12 +331,15 @@ builder.WebHost.SetupDiscordBot();
 var app = builder.Build();

 app.UseSerilogRequestLogging();
+if (enableSwagger)
+{
    app.UseOpenApi();
    app.UseSwaggerUI(c =>
    {
        c.SwaggerEndpoint("/swagger/v1/swagger.json", "Managing API v1");
        c.RoutePrefix = string.Empty;
    });
+}

 app.UseCors("CorsPolicy");

--- a/src/Managing.Api/appsettings.Production.json
+++ b/src/Managing.Api/appsettings.Production.json
@@ -35,5 +35,11 @@
    "SentryEnabled": false,
    "LoopDetectionEnabled": true,
    "LogErrorsOnly": true
+  },
+  "Cors": {
+    "AllowedOrigins": [
+      "https://app.kaigen.ai",
+      "https://api.kaigen.ai"
+    ]
  }
 }
--- a/src/Managing.Api/appsettings.json
+++ b/src/Managing.Api/appsettings.json
@@ -101,5 +101,6 @@
    "LogSlowQueriesOnly": false,
    "LogErrorsOnly": false,
    "DataRetentionMinutes": 300
-  }
+  },
+  "EnableSwagger": false
 }
--- a/src/Managing.WebApp/src/hooks/useClaimUiFees.ts
+++ b/src/Managing.WebApp/src/hooks/useClaimUiFees.ts
@@ -5,7 +5,7 @@ import {parseAbi} from 'viem'
 import {GmxSdk} from '@gmx-io/sdk'

 // ExchangeRouter contract address on Arbitrum
-const EXCHANGE_ROUTER_ADDRESS = '0x5aC4e27341e4cCcb3e5FD62f9E62db2Adf43dd57'
+const EXCHANGE_ROUTER_ADDRESS = '0x87d66368cD08a7Ca42252f5ab44B2fb6d1Fb8d15'

 // ABI for the claimUiFees function
 const CLAIM_UI_FEES_ABI = parseAbi([