From 608d7451593c4d6f486faf050bf375f8feecec4c Mon Sep 17 00:00:00 2001
From: hkfires <10558748+hkfires@users.noreply.github.com>
Date: Sat, 4 Oct 2025 13:32:54 +0800
Subject: [PATCH] fix(api): Enable management routes based on secret key
 presence

---
 internal/api/server.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/internal/api/server.go b/internal/api/server.go
index 20f3abc4..a86ad6bf 100644
--- a/internal/api/server.go
+++ b/internal/api/server.go
@@ -394,10 +394,14 @@ func (s *Server) setupRoutes() {
 
 func (s *Server) managementAvailabilityMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if !s.managementRoutesEnabled.Load() {
+		cfg := s.cfg
+		if cfg == nil || cfg.RemoteManagement.SecretKey == "" {
+			s.managementRoutesEnabled.Store(false)
 			c.AbortWithStatus(http.StatusNotFound)
 			return
 		}
+
+		s.managementRoutesEnabled.Store(true)
 		c.Next()
 	}
 }