@fengtality
Contributor

@fengtality fengtality commented Jan 15, 2026

Summary

  • Adds a catch-all proxy router at /api/gateway-proxy/* that forwards requests to the Gateway server unchanged
  • This allows the dashboard to access all Gateway endpoints through the API without needing each endpoint to be explicitly defined
  • Protected by HTTP Basic Auth like all other routes

Examples

GET /api/gateway-proxy/wallet -> GET localhost:15888/wallet
POST /api/gateway-proxy/wallet/add -> POST localhost:15888/wallet/add
GET /api/gateway-proxy/config -> GET localhost:15888/config

Security Review

  • ✅ Protected by authentication (same auth_user dependency as other routers)
  • ✅ Fixed target host (Gateway URL from config, not user-controllable)
  • ✅ No SSRF risk - forwards only to internal Gateway service

Test plan

  • Verify authentication is required
  • Test forwarding GET/POST requests to Gateway
  • Test health check endpoint at /api/gateway-proxy

🤖 Generated with Claude Code

- Add bots/conf/ to .gitignore to prevent config files from being checked in
- Add gateway_proxy.py router

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@rapcmia rapcmia self-requested a review January 16, 2026 14:40
@rapcmia rapcmia changed the title from "Add Gateway proxy router" to "feat / Add Gateway proxy router" Jan 19, 2026
@rapcmia
Contributor

rapcmia commented Jan 20, 2026

Commit 9f79733

  • Tested on docker and built local image successfully on ubuntu24.04
  • Set up hummingbot-api using make setup;make deploy ok
  • Started gateway on hummingbot/gateway:development image ok
  • Tested with no credentials, responded with Not authenticated
  • Ran health check for /gateway-proxy ✅
  • Tested gateway-proxy ❗
    • GET /gateway-proxy/ (health) ok
    • GET /gateway-proxy/config ok
    • GET /gateway-proxy/config/chains ok
    • POST /gateway-proxy/config/update
    • GET /gateway-proxy/wallet ok
    • POST /gateway-proxy/wallet/add ok
    • POST /gateway-proxy/wallet/create ok
    • POST /gateway-proxy/wallet/show-private-key ok
    • POST /gateway-proxy/wallet/send
    • DELETE /gateway-proxy/wallet/remove ❌
      • Got a Validation error on DELETE /wallet/remove: body must be object
      curl -sS --max-time 20 -u admin:admin -H 'Content-Type: application/json' -X DELETE http://localhost:8000/gateway-proxy/wallet/remove -d '{"chain":"solana","address":"Hj1nWhpMGgSeoBXDEUUbvBPMGouD8DqganvFAm4hutdc"}' | jq
      {
        "statusCode": 400,
        "error": "Validation Error",
        "message": "body must be object",
        "validation": [
          {
            "instancePath": "",
            "schemaPath": "#/type",
            "keyword": "type",
            "params": {
              "type": "object"
            },
            "message": "must be object"
          }
        ]
      }
      
    • POST /gateway-proxy/chains/solana/balances ok
    • GET /gateway-proxy/tokens ok
    • POST /gateway-proxy/tokens ok
    • DELETE /gateway-proxy/tokens ok

Test logs: 20012026.log

DELETE requests with a body (e.g., /wallet/remove) were failing because
the proxy only read the body for POST, PUT, and PATCH methods.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
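
Added example (not code from this PR or from the hummingbot-api repository): the failure described in the commit message above, reduced to the proxy's body-handling decision. `build_upstream`, `stub_gateway_status` and `replay_delete` are hypothetical names, and the stub only mimics Gateway's "body must be object" check on constructed input.

```python
import json

GATEWAY_URL = "http://localhost:15888"  # upstream taken from the PR's examples
LEGACY_BODY_METHODS = {"POST", "PUT", "PATCH"}  # methods named in the commit message
DROP_HEADERS = {"host", "content-length", "connection", "transfer-encoding"}


def build_upstream(method, path, headers, body, body_methods=None):
    """Return (method, url, headers, body) for the request sent upstream.

    body_methods=None forwards the body for every method; passing a set
    reproduces a proxy that reads the body only for the listed methods.
    """
    method = method.upper()
    # The host is fixed by GATEWAY_URL; the caller only contributes the path.
    url = f"{GATEWAY_URL}/{path.lstrip('/')}"
    fwd = {k: v for k, v in headers.items() if k.lower() not in DROP_HEADERS}
    if body_methods is not None and method not in body_methods:
        body = b""  # body dropped before it ever reaches the upstream
    return method, url, fwd, body


def stub_gateway_status(body):
    """Constructed stand-in for Gateway's schema check: body must be a JSON object."""
    try:
        parsed = json.loads(body) if body else None
    except ValueError:
        parsed = None
    return 200 if isinstance(parsed, dict) else 400


def replay_delete(body_methods):
    """Run a constructed DELETE /wallet/remove call through the proxy logic."""
    body = json.dumps({"chain": "solana", "address": "<wallet>"}).encode()
    headers = {"Content-Type": "application/json", "Host": "localhost:8000"}
    _, url, fwd, sent = build_upstream("DELETE", "wallet/remove", headers, body, body_methods)
    return url, fwd, stub_gateway_status(sent)


if __name__ == "__main__":
    print("body only for POST/PUT/PATCH:", replay_delete(LEGACY_BODY_METHODS)[2])
    print("body for every method:       ", replay_delete(None)[2])
```
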
@fengtality
Contributor Author

@rapcmia thanks for the detailed review and finding the delete issue. Last commit should fix it.

Contributor

@rapcmia rapcmia left a comment

    • Tested this PR with ubuntu24.04 on docker
    • Successfully built docker image
    • Successfully deployed gateway development
    • Tested gateway-proxy with no authentication, responded with Not authenticated
    • Ran health check for /gateway-proxy ✅
    • Tested gateway-proxy
      • GET /gateway-proxy/ (health) ok
      • GET /gateway-proxy/config ok
      • GET /gateway-proxy/config/chains ok
      • POST /gateway-proxy/config/update
      • GET /gateway-proxy/wallet ok
      • POST /gateway-proxy/wallet/add ok
      • POST /gateway-proxy/wallet/create ok
      • POST /gateway-proxy/wallet/show-private-key ok
      • POST /gateway-proxy/wallet/send ok
      • DELETE /gateway-proxy/wallet/remove ok
      • POST /gateway-proxy/chains/solana/balances ok
      • GET /gateway-proxy/tokens ok
      • POST /gateway-proxy/tokens ok
      • DELETE /gateway-proxy/tokens ok
    • If a gateway-proxy request expects a JSON body, the user must include -d ‘{…}’ with Content-Type: application/json
        #### sample
        curl -s -u admin:admin -X DELETE \
          -H 'Content-Type: application/json' \
          -d '{"chain":"solana","address":"<wallet>"}' \
          http://localhost:8000/gateway-proxy/wallet/remove | jq
      

Test logs: 20012026.log, 22012026.log
