fix(api): Enable management routes based on secret key presence

2026-02-03 04:50:52 +08:00 · 2025-10-04 13:32:54 +08:00
parent fd795caf76
commit 608d745159
1 changed files with 5 additions and 1 deletions
--- a/internal/api/server.go
+++ b/internal/api/server.go
@@ -394,10 +394,14 @@ func (s *Server) setupRoutes() {

 func (s *Server) managementAvailabilityMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if !s.managementRoutesEnabled.Load() {
+		cfg := s.cfg
+		if cfg == nil || cfg.RemoteManagement.SecretKey == "" {
+			s.managementRoutesEnabled.Store(false)
 			c.AbortWithStatus(http.StatusNotFound)
 			return
 		}
+
+		s.managementRoutesEnabled.Store(true)
 		c.Next()
 	}
 }