feat(components): 调整加密方式
This commit is contained in:
121
src/service/request/api-encrypt.ts
Normal file
121
src/service/request/api-encrypt.ts
Normal file
@@ -0,0 +1,121 @@
|
||||
import type { InternalAxiosRequestConfig } from 'axios';
|
||||
import { JSEncrypt } from 'jsencrypt';
|
||||
import { SYSTEM_SERVICE_PREFIX } from '@/constants/service';
|
||||
|
||||
const API_ENCRYPT_HEADER = 'X-Api-Encrypt';
|
||||
const API_ENCRYPT_HEADER_VALUE = 'true';
|
||||
|
||||
const API_ENCRYPT_CONFIG_ERROR_MSG = '前端加密配置异常,请联系管理员';
|
||||
const API_ENCRYPT_REQUEST_ERROR_MSG = '请求加密失败,请刷新页面后重试';
|
||||
|
||||
const API_ENCRYPT_PUBLIC_KEY = `-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2kobVo5aSDWvmWZIKeL
|
||||
G7dowOLTwjdWIwy7+UmTBw3e6vJW5BNEjrnW7kiqeT97VQj2V6MMmaJufpeegACG
|
||||
AmhuTnG83kVLQeiXL5rlPUmdNPM8O89gSM3iMzLSUhn+rvAaHFXjKNu2xssodYn1
|
||||
F26SlVO1ewwS82AAwEPSaotL7Kq8Qxg7vmZty6RcEjp7/OaYAtHfva3uewiGMp11
|
||||
ZkywKPleQ3nT7HHjQgAckbNZFMhTMMqDzW5oI3KSm3sA+pWsUfRrZxUf2ws358/F
|
||||
KewDbbhwj3u731NbXlO+WUfv3FvbdhktXtU/15FC0b+Tx+YHIUhkNTRzuIpiG7+X
|
||||
cwIDAQAB
|
||||
-----END PUBLIC KEY-----`;
|
||||
|
||||
const API_ENCRYPT_RULE_MAP = {
|
||||
[`POST ${SYSTEM_SERVICE_PREFIX}/auth/login`]: ['password'],
|
||||
[`POST ${SYSTEM_SERVICE_PREFIX}/auth/register`]: ['password'],
|
||||
[`PUT ${SYSTEM_SERVICE_PREFIX}/user/profile/update-password`]: ['oldPassword', 'newPassword'],
|
||||
[`POST ${SYSTEM_SERVICE_PREFIX}/user/create`]: ['password'],
|
||||
[`PUT ${SYSTEM_SERVICE_PREFIX}/user/update-password`]: ['password']
|
||||
} as const satisfies Record<string, readonly string[]>;
|
||||
|
||||
type ApiEncryptRuleKey = keyof typeof API_ENCRYPT_RULE_MAP;
|
||||
|
||||
interface ApiEncryptRequestConfig extends InternalAxiosRequestConfig {
|
||||
apiEncryptProcessed?: boolean;
|
||||
}
|
||||
|
||||
let encryptor: JSEncrypt | null = null;
|
||||
|
||||
function isPlainObject(value: unknown): value is Record<string, unknown> {
|
||||
return Object.prototype.toString.call(value) === '[object Object]';
|
||||
}
|
||||
|
||||
function normalizeRequestPath(url: string) {
|
||||
try {
|
||||
return new URL(url, 'http://localhost').pathname;
|
||||
} catch {
|
||||
return url.split('?')[0] || '';
|
||||
}
|
||||
}
|
||||
|
||||
function getApiEncryptRule(config: InternalAxiosRequestConfig) {
|
||||
const method = config.method?.toUpperCase();
|
||||
const url = config.url;
|
||||
|
||||
if (!method || !url) {
|
||||
return null;
|
||||
}
|
||||
|
||||
const ruleKey = `${method} ${normalizeRequestPath(url)}` as ApiEncryptRuleKey;
|
||||
|
||||
return API_ENCRYPT_RULE_MAP[ruleKey] ?? null;
|
||||
}
|
||||
|
||||
function getEncryptor() {
|
||||
if (encryptor) {
|
||||
return encryptor;
|
||||
}
|
||||
|
||||
const publicKey = API_ENCRYPT_PUBLIC_KEY.trim();
|
||||
|
||||
if (!publicKey.includes('BEGIN PUBLIC KEY') || !publicKey.includes('END PUBLIC KEY')) {
|
||||
throw new Error(API_ENCRYPT_CONFIG_ERROR_MSG);
|
||||
}
|
||||
|
||||
encryptor = new JSEncrypt();
|
||||
encryptor.setPublicKey(publicKey);
|
||||
|
||||
return encryptor;
|
||||
}
|
||||
|
||||
function encryptFieldValue(value: unknown) {
|
||||
if (typeof value !== 'string' || value.length === 0) {
|
||||
throw new Error(API_ENCRYPT_REQUEST_ERROR_MSG);
|
||||
}
|
||||
|
||||
const encryptedValue = getEncryptor().encrypt(value);
|
||||
|
||||
if (!encryptedValue) {
|
||||
throw new Error(API_ENCRYPT_REQUEST_ERROR_MSG);
|
||||
}
|
||||
|
||||
return encryptedValue;
|
||||
}
|
||||
|
||||
export function applyApiEncrypt(config: InternalAxiosRequestConfig) {
|
||||
const encryptConfig = config as ApiEncryptRequestConfig;
|
||||
|
||||
if (encryptConfig.apiEncryptProcessed) {
|
||||
return config;
|
||||
}
|
||||
|
||||
const encryptFields = getApiEncryptRule(config);
|
||||
|
||||
if (!encryptFields) {
|
||||
return config;
|
||||
}
|
||||
|
||||
if (!isPlainObject(config.data)) {
|
||||
throw new Error(API_ENCRYPT_REQUEST_ERROR_MSG);
|
||||
}
|
||||
|
||||
const nextData = { ...config.data };
|
||||
|
||||
encryptFields.forEach(field => {
|
||||
nextData[field] = encryptFieldValue(nextData[field]);
|
||||
});
|
||||
|
||||
config.data = nextData;
|
||||
config.headers.set(API_ENCRYPT_HEADER, API_ENCRYPT_HEADER_VALUE);
|
||||
encryptConfig.apiEncryptProcessed = true;
|
||||
|
||||
return config;
|
||||
}
|
||||
@@ -4,6 +4,7 @@ import { useAuthStore } from '@/store/modules/auth';
|
||||
import { localStg } from '@/utils/storage';
|
||||
import { getServiceBaseURL } from '@/utils/service';
|
||||
import { $t } from '@/locales';
|
||||
import { applyApiEncrypt } from './api-encrypt';
|
||||
import { getAuthorization, handleExpiredRequest, showErrorMsg } from './shared';
|
||||
import type { RequestInstanceState } from './type';
|
||||
|
||||
@@ -28,6 +29,7 @@ export const request = createFlatRequest(
|
||||
async onRequest(config) {
|
||||
const Authorization = getAuthorization();
|
||||
Object.assign(config.headers, { Authorization });
|
||||
applyApiEncrypt(config);
|
||||
|
||||
return config;
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user