viktor/trading
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: resolve 8 critical issues from code review

Browse source 
C1: Fix BacktestDataLoader constructor args (was passing wrong kwargs)
C2: Fix BacktestResult attribute names (max_drawdown_pct, avg_hold_duration)
C3: Remove insecure JWT secret default (now required via env var)
C4: Fix .env.example to use TRADING_ prefix for all config vars
C5: Add missing fields to portfolio endpoint (daily_pnl_pct, total_pnl, trading_active)
C6: Add missing /portfolio/metrics endpoint
C7: Add 'value' field to equity curve response for frontend compatibility
C8: Add 6M/ALL periods and case-insensitive period enum parsing
Also: make app creation lazy to avoid config validation at import time
This commit is contained in:
Viktor Barzin 2026-02-22 17:48:40 +00:00
parent 870961f3e9
commit 2a56727267
No known key found for this signature in database
GPG key ID: 0EB088298288D958
5 changed files with 103 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

31
.env.example
View file

@ -1,23 +1,28 @@
# PostgreSQL
POSTGRES_PASSWORD=trading
# Trading Bot
TRADING_DATABASE_URL=postgresql+asyncpg://trading:trading@localhost:5432/trading
TRADING_REDIS_URL=redis://localhost:6379/0
# Trading Bot — shared config (env_prefix = "TRADING_")
TRADING_DATABASE_URL=postgresql+asyncpg://trading:trading@postgres:5432/trading
TRADING_REDIS_URL=redis://redis:6379/0
TRADING_LOG_LEVEL=INFO
# Alpaca (paper trading)
ALPACA_API_KEY=your_api_key_here
ALPACA_SECRET_KEY=your_secret_key_here
ALPACA_BASE_URL=https://paper-api.alpaca.markets
TRADING_ALPACA_API_KEY=your_api_key_here
TRADING_ALPACA_SECRET_KEY=your_secret_key_here
TRADING_ALPACA_BASE_URL=https://paper-api.alpaca.markets
# JWT
JWT_SECRET_KEY=change-me-in-production
# JWT — REQUIRED, generate with: python -c "import secrets; print(secrets.token_hex(32))"
TRADING_JWT_SECRET_KEY=
# Reddit (for news fetcher)
REDDIT_CLIENT_ID=your_client_id
REDDIT_CLIENT_SECRET=your_client_secret
REDDIT_USER_AGENT=trading-bot/0.1
TRADING_REDDIT_CLIENT_ID=your_client_id
TRADING_REDDIT_CLIENT_SECRET=your_client_secret
TRADING_REDDIT_USER_AGENT=trading-bot/0.1
# Ollama
OLLAMA_HOST=http://localhost:11434
# Ollama — use Docker service name inside compose
TRADING_OLLAMA_HOST=http://ollama:11434
# WebAuthn — update for production domain
TRADING_RP_ID=localhost
TRADING_RP_NAME=Trading Bot
TRADING_RP_ORIGIN=http://localhost:5173