From 8684d4f52d5ccf6399ca23bd6f4f9409871dbaa8 Mon Sep 17 00:00:00 2001
From: zhiyong <yuzhiyongcn@qq.com>
Date: Thu, 15 May 2025 21:12:29 +0800
Subject: [PATCH] =?UTF-8?q?web=20api=E6=B7=BB=E5=8A=A0=E6=8B=A6=E6=88=AA?=
 =?UTF-8?q?=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/trade_server.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/trade_server.py b/src/trade_server.py
index f225522..4bed74c 100644
--- a/src/trade_server.py
+++ b/src/trade_server.py
@@ -250,6 +250,13 @@ except Exception as e:
 
 app = Flask(__name__)
 
+# 添加中间件，拦截所有不以"/yu"开头的请求并返回404
+@app.before_request
+def check_path_prefix():
+    if not request.path.startswith('/yu'):
+        logger.warning(f"拦截非法请求: {request.path}")
+        abort(404)
+
 @app.route("/yu/healthcheck", methods=["GET"])
 def health_check():
     if is_real_mode() and _trader_instance and not _trader_instance.is_available():
@@ -549,6 +556,12 @@ def clear_strategy(strategy_name):
         abort(500, description="服务器内部错误")
 
 
+@app.route("/yu/test", methods=["GET"])
+def test_route():
+    """测试路由，用于验证中间件是否正常工作"""
+    return jsonify({"success": True, "message": "API路由前缀验证成功"}), 200
+
+
 if __name__ == "__main__":
     logger.info(f"Server starting on {Config.HOST}:{Config.PORT}")
     app.run(debug=Config.DEBUG, host=Config.HOST, port=Config.PORT)