encrypt

b557351b · 刘怀志 · 65e2f936 · b557351b · b557351b · b557351b
Commit b557351b authored Sep 07, 2023 by 刘怀志
Showing with 121 additions and 2 deletions

package.json package.json +1 -0

aesSecretUtil.js src/utils/encrypt/aesSecretUtil.js +76 -0

aseKeConfig.js src/utils/encrypt/aseKeConfig.js +8 -0

request.js src/utils/request.js +36 -2

No files found.
--- a/package.json
+++ b/package.json
@@ -33,6 +33,7 @@
    "axios": "0.24.0",
    "clipboard": "2.0.8",
    "core-js": "3.25.3",
+    "crypto-js": "^4.1.1",
    "echarts": "^5.4.0",
    "element-china-area-data": "^5.0.2",
    "element-resize-detector": "^1.2.4",

--- a/src/utils/encrypt/aesSecretUtil.js
+++ b/src/utils/encrypt/aesSecretUtil.js
+import CryptoJS from 'crypto-js'
+import { AES_KEY, AES_IV, PARAM_ENCRYPT_ABLE, EXCLUE_PATH, RESULT_ENCRYPT_ABLE } from './aseKeConfig.js'
+const key = CryptoJS.enc.Utf8.parse(AES_KEY) // 16位
+const iv = CryptoJS.enc.Utf8.parse(AES_IV)
+const excluePath = EXCLUE_PATH
+const paramEncryptAble = PARAM_ENCRYPT_ABLE
+const resultEncryptAble = RESULT_ENCRYPT_ABLE
+/**
+ * Description AES CBC BASE64加密解密
+ * @author
+ * @date 13:38 2022/3/31
+ */
+export default {
+  // aes加密
+  encrypt(word) {
+    let encrypted = ''
+    if (typeof word === 'string') {
+      const srcs = CryptoJS.enc.Utf8.parse(word)
+      encrypted = CryptoJS.AES.encrypt(srcs, key, {
+        iv: iv,
+        mode: CryptoJS.mode.CBC,
+        padding: CryptoJS.pad.ZeroPadding
+      })
+    } else if (typeof word === 'object') {
+      // 对象格式的转成json字符串
+      const data = JSON.stringify(word)
+      const srcs = CryptoJS.enc.Utf8.parse(data)
+      encrypted = CryptoJS.AES.encrypt(srcs, key, {
+        iv: iv,
+        mode: CryptoJS.mode.CBC,
+        padding: CryptoJS.pad.ZeroPadding
+      })
+    }
+    return CryptoJS.enc.Base64.stringify(encrypted.ciphertext)
+  },
+  // aes解密
+  decrypt(word) {
+    if (word) {
+      let base64 = CryptoJS.enc.Base64.parse(word)
+      let src = CryptoJS.enc.Base64.stringify(base64)
+      var decrypt = CryptoJS.AES.decrypt(src, key, {
+        iv: iv,
+        mode: CryptoJS.mode.CBC,
+        padding: CryptoJS.pad.ZeroPadding
+      })
+      var decryptedStr = decrypt.toString(CryptoJS.enc.Utf8)
+      return decryptedStr.toString()
+    } else {
+      return word
+    }
+  },
+  // 判断url是否在匹配的正则表达式上,匹配则不进行加密，不配则需要加密
+  checkIsExcluePath(url) {
+    // 如果包含需要排除加密的接口返回true
+    let flag = false
+    for (let i = 0; i < excluePath.length; i++) {
+      if (new RegExp('^' + excluePath[i]).test(url)) {
+        flag = true
+        break
+      } else {
+        flag = false
+      }
+    }
+    return flag
+  },
+  // 判断是否请求需要进行加密，配置值true的时候需要加密否则不需要
+  checkParamEncryptAble() {
+    // console.log(encryptAble)
+    return paramEncryptAble
+  },
+  // 判断是否只对结果进行加密
+  checkResultEncryptAble() {
+    // console.log(encryptAble)
+    return resultEncryptAble
+  }
+}
--- a/src/utils/encrypt/aseKeConfig.js
+++ b/src/utils/encrypt/aseKeConfig.js
+export const AES_KEY = 'W3QyH0VVvULUt6Nz'
+export const AES_IV = 'DAgt3T+V02Bb3Gh4'
+// 参数是否进行加密设置,需要与后端配置保持一致
+export const PARAM_ENCRYPT_ABLE = true
+// 结果是否进行加密
+export const RESULT_ENCRYPT_ABLE = true
+// 需要排除的不进行加密的接口，正则匹配
+export const EXCLUE_PATH = ['.*/captchaImage']
--- a/src/utils/request.js
+++ b/src/utils/request.js
@@ -6,7 +6,16 @@ import errorCode from '@/utils/errorCode'
 import { tansParams, blobValidate } from "@/utils/ruoyi";
 import cache from '@/plugins/cache'
 import { saveAs } from 'file-saver'
+import secret from '@/utils/encrypt/aesSecretUtil'
+// 提取url
+export function parseGetUrl(url) {
+  let firstLocation = url.indexOf("?")
+  if (firstLocation > -1) {
+    return url.substring(0, firstLocation)
+  } else {
+    return url
+  }
+}
 let downloadLoadingInstance;
 axios.defaults.headers['Content-Type'] = 'application/json;charset=utf-8'
@@ -27,9 +36,19 @@ service.interceptors.request.use(config => {
  if (getToken() && !isToken) {
    config.headers['Authorization'] = 'Bearer ' + getToken() // 让每个请求携带自定义token 请根据实际情况自行修改
  }
+  var parseParam = {}
+  // 是否排除在外的接口
+  var isExclueUrl = secret.checkIsExcluePath(config.url)
+  // 是否进行参数加密
+  var paramEncryptFlag = !isExclueUrl && secret.checkParamEncryptAble()
+  var resultEncryptFlag = secret.checkResultEncryptAble()
  // get请求映射params参数
  if (config.method === 'get' && config.params) {
-    let url = config.url + '?' + tansParams(config.params);
+    console.log('加密前参数get', config.params)
+    if (paramEncryptFlag) {
+      parseParam = secret.encrypt(config.params)
+    }
+    let url = config.url + '?' + tansParams(parseParam);
    url = url.slice(0, -1);
    config.params = {};
    config.url = url;
@@ -56,6 +75,10 @@ service.interceptors.request.use(config => {
        cache.session.setJSON('sessionObj', requestObj)
      }
    }
+    console.log('加密前参数post', config.data)
+    if (paramEncryptFlag) {
+      config.data = secret.encrypt(config.data)
+    }
  }
  return config
 }, error => {
@@ -65,6 +88,17 @@ service.interceptors.request.use(config => {
 // 响应拦截器
 service.interceptors.response.use(res => {
+    // 是否排除在外的接口
+    var uri = parseGetUrl(res.config.url)
+    var isExclueUrl = secret.checkIsExcluePath(uri)
+    var resultEncryptFlag = secret.checkResultEncryptAble()
+    if (!isExclueUrl){
+      if (resultEncryptFlag) {
+        console.log(JSON.parse(secret.decrypt(res.data)), '----解密结果')
+        res.data = JSON.parse(secret.decrypt(res.data))
+      }
+    }
+    console.log('res.data', res.data)
    // 未设置状态码则默认成功状态
    const code = res.data.code || 200;
    // 获取错误信息