yudao
/
admin-vben
mirror of https://gitee.com/yudaocode/yudao-ui-admin-vben.git
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat:【framework 框架】增加 api 加解密能力(优化代码)

pull/201/head
YunaiV 2025-08-16 17:20:45 +08:00
parent 2920dabb99
commit 4be6d26375
9 changed files with 112 additions and 330 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/web-antd/package.json
View File

@ -47,10 +47,8 @@
"@vueuse/integrations": "catalog:", "@vueuse/integrations": "catalog:",
"ant-design-vue": "catalog:", "ant-design-vue": "catalog:",
"cropperjs": "catalog:", "cropperjs": "catalog:",
"crypto-js": "catalog:",
"dayjs": "catalog:", "dayjs": "catalog:",
"highlight.js": "catalog:", "highlight.js": "catalog:",
"jsencrypt": "catalog:",
"pinia": "catalog:", "pinia": "catalog:",
"vue": "catalog:", "vue": "catalog:",
"vue-dompurify-html": "catalog:", "vue-dompurify-html": "catalog:",

11
apps/web-antd/src/api/request.ts
View File

@ -12,16 +12,17 @@ import {
RequestClient, RequestClient,
} from '@vben/request'; } from '@vben/request';
import { useAccessStore } from '@vben/stores'; import { useAccessStore } from '@vben/stores';
import { createApiEncrypt } from '@vben/utils';
import { message } from 'ant-design-vue'; import { message } from 'ant-design-vue';
import { useAuthStore } from '#/store'; import { useAuthStore } from '#/store';
import { ApiEncrypt } from '#/utils/encrypt';
import { refreshTokenApi } from './core'; import { refreshTokenApi } from './core';
const { apiURL } = useAppConfig(import.meta.env, import.meta.env.PROD); const { apiURL } = useAppConfig(import.meta.env, import.meta.env.PROD);
const tenantEnable = isTenantEnable(); const tenantEnable = isTenantEnable();
const apiEncrypt = createApiEncrypt(import.meta.env);
function createRequestClient(baseURL: string, options?: RequestClientOptions) { function createRequestClient(baseURL: string, options?: RequestClientOptions) {
const client = new RequestClient({ const client = new RequestClient({
@ -91,9 +92,9 @@ function createRequestClient(baseURL: string, options?: RequestClientOptions) {
try { try {
// 加密请求数据 // 加密请求数据
if (config.data) { if (config.data) {
config.data = ApiEncrypt.encryptRequest(config.data); config.data = apiEncrypt.encryptRequest(config.data);
// 设置加密标识头 // 设置加密标识头
config.headers[ApiEncrypt.getEncryptHeader()] = 'true'; config.headers[apiEncrypt.getEncryptHeader()] = 'true';
} }
} catch (error) { } catch (error) {
console.error('请求数据加密失败:', error); console.error('请求数据加密失败:', error);
@ -108,14 +109,14 @@ function createRequestClient(baseURL: string, options?: RequestClientOptions) {
client.addResponseInterceptor({ client.addResponseInterceptor({
fulfilled: (response) => { fulfilled: (response) => {
// 检查是否需要解密响应数据 // 检查是否需要解密响应数据
const encryptHeader = ApiEncrypt.getEncryptHeader(); const encryptHeader = apiEncrypt.getEncryptHeader();
const isEncryptResponse = const isEncryptResponse =
response.headers[encryptHeader] === 'true' || response.headers[encryptHeader] === 'true' ||
response.headers[encryptHeader.toLowerCase()] === 'true'; response.headers[encryptHeader.toLowerCase()] === 'true';
if (isEncryptResponse && typeof response.data === 'string') { if (isEncryptResponse && typeof response.data === 'string') {
try { try {
// 解密响应数据 // 解密响应数据
response.data = ApiEncrypt.decryptResponse(response.data); response.data = apiEncrypt.decryptResponse(response.data);
} catch (error) { } catch (error) {
console.error('响应数据解密失败:', error); console.error('响应数据解密失败:', error);
throw new Error(`响应数据解密失败: ${(error as Error).message}`); throw new Error(`响应数据解密失败: ${(error as Error).message}`);

2
apps/web-ele/package.json
View File

@ -45,11 +45,9 @@
"@vben/utils": "workspace:*", "@vben/utils": "workspace:*",
"@vueuse/core": "catalog:", "@vueuse/core": "catalog:",
"cropperjs": "catalog:", "cropperjs": "catalog:",
"crypto-js": "catalog:",
"dayjs": "catalog:", "dayjs": "catalog:",
"element-plus": "catalog:", "element-plus": "catalog:",
"highlight.js": "catalog:", "highlight.js": "catalog:",
"jsencrypt": "catalog:",
"pinia": "catalog:", "pinia": "catalog:",
"vue": "catalog:", "vue": "catalog:",
"vue-router": "catalog:" "vue-router": "catalog:"

11
apps/web-ele/src/api/request.ts
View File

@ -12,16 +12,17 @@ import {
RequestClient, RequestClient,
} from '@vben/request'; } from '@vben/request';
import { useAccessStore } from '@vben/stores'; import { useAccessStore } from '@vben/stores';
import { createApiEncrypt } from '@vben/utils';
import { ElMessage } from 'element-plus'; import { ElMessage } from 'element-plus';
import { useAuthStore } from '#/store'; import { useAuthStore } from '#/store';
import { ApiEncrypt } from '#/utils/encrypt';
import { refreshTokenApi } from './core'; import { refreshTokenApi } from './core';
const { apiURL } = useAppConfig(import.meta.env, import.meta.env.PROD); const { apiURL } = useAppConfig(import.meta.env, import.meta.env.PROD);
const tenantEnable = isTenantEnable(); const tenantEnable = isTenantEnable();
const apiEncrypt = createApiEncrypt(import.meta.env);
function createRequestClient(baseURL: string, options?: RequestClientOptions) { function createRequestClient(baseURL: string, options?: RequestClientOptions) {
const client = new RequestClient({ const client = new RequestClient({
@ -91,9 +92,9 @@ function createRequestClient(baseURL: string, options?: RequestClientOptions) {
try { try {
// 加密请求数据 // 加密请求数据
if (config.data) { if (config.data) {
config.data = ApiEncrypt.encryptRequest(config.data); config.data = apiEncrypt.encryptRequest(config.data);
// 设置加密标识头 // 设置加密标识头
config.headers[ApiEncrypt.getEncryptHeader()] = 'true'; config.headers[apiEncrypt.getEncryptHeader()] = 'true';
} }
} catch (error) { } catch (error) {
console.error('请求数据加密失败:', error); console.error('请求数据加密失败:', error);
@ -108,14 +109,14 @@ function createRequestClient(baseURL: string, options?: RequestClientOptions) {
client.addResponseInterceptor({ client.addResponseInterceptor({
fulfilled: (response) => { fulfilled: (response) => {
// 检查是否需要解密响应数据 // 检查是否需要解密响应数据
const encryptHeader = ApiEncrypt.getEncryptHeader(); const encryptHeader = apiEncrypt.getEncryptHeader();
const isEncryptResponse = const isEncryptResponse =
response.headers[encryptHeader] === 'true' || response.headers[encryptHeader] === 'true' ||
response.headers[encryptHeader.toLowerCase()] === 'true'; response.headers[encryptHeader.toLowerCase()] === 'true';
if (isEncryptResponse && typeof response.data === 'string') { if (isEncryptResponse && typeof response.data === 'string') {
try { try {
// 解密响应数据 // 解密响应数据
response.data = ApiEncrypt.decryptResponse(response.data); response.data = apiEncrypt.decryptResponse(response.data);
} catch (error) { } catch (error) {
console.error('响应数据解密失败:', error); console.error('响应数据解密失败:', error);
throw new Error(`响应数据解密失败: ${(error as Error).message}`); throw new Error(`响应数据解密失败: ${(error as Error).message}`);

240
apps/web-ele/src/utils/encrypt.ts
View File

@ -1,240 +0,0 @@
import CryptoJS from 'crypto-js';
import { JSEncrypt } from 'jsencrypt';
/**
* API
* AES RSA
*/
// 从环境变量获取配置
const API_ENCRYPT_ENABLE =
import.meta.env.VITE_APP_API_ENCRYPT_ENABLE === 'true';
const API_ENCRYPT_HEADER =
import.meta.env.VITE_APP_API_ENCRYPT_HEADER || 'X-Api-Encrypt';
const API_ENCRYPT_ALGORITHM =
import.meta.env.VITE_APP_API_ENCRYPT_ALGORITHM || 'AES';
const API_ENCRYPT_REQUEST_KEY =
import.meta.env.VITE_APP_API_ENCRYPT_REQUEST_KEY || ''; // AES密钥 或 RSA公钥
const API_ENCRYPT_RESPONSE_KEY =
import.meta.env.VITE_APP_API_ENCRYPT_RESPONSE_KEY || ''; // AES密钥 或 RSA私钥
/**
* AES
*/
export const AES = {
/**
* AES
* @param data
* @param key
* @returns
*/
encrypt(data: string, key: string): string {
try {
if (!key) {
throw new Error('AES 加密密钥不能为空');
}
if (key.length !== 32) {
throw new Error(
`AES 加密密钥长度必须为 32 位,当前长度: ${key.length}`,
);
}
const keyUtf8 = CryptoJS.enc.Utf8.parse(key);
const encrypted = CryptoJS.AES.encrypt(data, keyUtf8, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7,
});
return encrypted.toString();
} catch (error) {
console.error('AES 加密失败:', error);
throw error;
}
},
/**
* AES
* @param encryptedData
* @param key
* @returns
*/
decrypt(encryptedData: string, key: string): string {
try {
if (!key) {
throw new Error('AES 解密密钥不能为空');
}
if (key.length !== 32) {
throw new Error(
`AES 解密密钥长度必须为 32 位,当前长度: ${key.length}`,
);
}
if (!encryptedData) {
throw new Error('AES 解密数据不能为空');
}
const keyUtf8 = CryptoJS.enc.Utf8.parse(key);
const decrypted = CryptoJS.AES.decrypt(encryptedData, keyUtf8, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7,
});
const result = decrypted.toString(CryptoJS.enc.Utf8);
if (!result) {
throw new Error('AES 解密结果为空,可能是密钥错误或数据损坏');
}
return result;
} catch (error) {
console.error('AES 解密失败:', error);
throw error;
}
},
};
/**
* RSA
*/
export const RSA = {
/**
* RSA
* @param data
* @param publicKey
* @returns
*/
encrypt(data: string, publicKey: string): false | string {
try {
if (!publicKey) {
throw new Error('RSA 公钥不能为空');
}
const encryptor = new JSEncrypt();
encryptor.setPublicKey(publicKey);
const result = encryptor.encrypt(data);
if (result === false) {
throw new Error('RSA 加密失败,可能是公钥格式错误或数据过长');
}
return result;
} catch (error) {
console.error('RSA 加密失败:', error);
throw error;
}
},
/**
* RSA
* @param encryptedData
* @param privateKey
* @returns
*/
decrypt(encryptedData: string, privateKey: string): false | string {
try {
if (!privateKey) {
throw new Error('RSA 私钥不能为空');
}
if (!encryptedData) {
throw new Error('RSA 解密数据不能为空');
}
const encryptor = new JSEncrypt();
encryptor.setPrivateKey(privateKey);
const result = encryptor.decrypt(encryptedData);
if (result === false) {
throw new Error('RSA 解密失败,可能是私钥错误或数据损坏');
}
return result;
} catch (error) {
console.error('RSA 解密失败:', error);
throw error;
}
},
};
/**
* API
*/
export const ApiEncrypt = {
/**
*
*/
getEncryptHeader(): string {
return API_ENCRYPT_HEADER;
},
/**
*
* @param data
* @returns
*/
encryptRequest(data: any): string {
if (!API_ENCRYPT_ENABLE) {
return data;
}
try {
const jsonData = typeof data === 'string' ? data : JSON.stringify(data);
if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'AES') {
if (!API_ENCRYPT_REQUEST_KEY) {
throw new Error('AES 请求加密密钥未配置');
}
return AES.encrypt(jsonData, API_ENCRYPT_REQUEST_KEY);
} else if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'RSA') {
if (!API_ENCRYPT_REQUEST_KEY) {
throw new Error('RSA 公钥未配置');
}
const result = RSA.encrypt(jsonData, API_ENCRYPT_REQUEST_KEY);
if (result === false) {
throw new Error('RSA 加密失败');
}
return result;
} else {
throw new Error(`不支持的加密算法: ${API_ENCRYPT_ALGORITHM}`);
}
} catch (error) {
console.error('请求数据加密失败:', error);
throw error;
}
},
/**
*
* @param encryptedData
* @returns
*/
decryptResponse(encryptedData: string): any {
if (!API_ENCRYPT_ENABLE) {
return encryptedData;
}
try {
let decryptedData: false | string = '';
if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'AES') {
if (!API_ENCRYPT_RESPONSE_KEY) {
throw new Error('AES 响应解密密钥未配置');
}
decryptedData = AES.decrypt(encryptedData, API_ENCRYPT_RESPONSE_KEY);
} else if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'RSA') {
if (!API_ENCRYPT_RESPONSE_KEY) {
throw new Error('RSA 私钥未配置');
}
decryptedData = RSA.decrypt(encryptedData, API_ENCRYPT_RESPONSE_KEY);
if (decryptedData === false) {
throw new Error('RSA 解密失败');
}
} else {
throw new Error(`不支持的解密算法: ${API_ENCRYPT_ALGORITHM}`);
}
if (!decryptedData) {
throw new Error('解密结果为空');
}
// 尝试解析为 JSON如果失败则返回原字符串
try {
return JSON.parse(decryptedData);
} catch {
return decryptedData;
}
} catch (error) {
console.error('响应数据解密失败:', error);
throw error;
}
},
};

2
packages/@core/base/shared/package.json
View File

@ -83,8 +83,10 @@
"@tanstack/vue-store": "catalog:", "@tanstack/vue-store": "catalog:",
"@vue/shared": "catalog:", "@vue/shared": "catalog:",
"clsx": "catalog:", "clsx": "catalog:",
"crypto-js": "catalog:",
"dayjs": "catalog:", "dayjs": "catalog:",
"defu": "catalog:", "defu": "catalog:",
"jsencrypt": "catalog:",
"lodash.clonedeep": "catalog:", "lodash.clonedeep": "catalog:",
"lodash.get": "catalog:", "lodash.get": "catalog:",
"lodash.isequal": "catalog:", "lodash.isequal": "catalog:",

155
apps/web-antd/src/utils/encrypt.ts → packages/@core/base/shared/src/utils/encrypt.ts
View File

@ -6,18 +6,6 @@ import { JSEncrypt } from 'jsencrypt';
* AES RSA * AES RSA
*/ */
// 从环境变量获取配置
const API_ENCRYPT_ENABLE =
import.meta.env.VITE_APP_API_ENCRYPT_ENABLE === 'true';
const API_ENCRYPT_HEADER =
import.meta.env.VITE_APP_API_ENCRYPT_HEADER || 'X-Api-Encrypt';
const API_ENCRYPT_ALGORITHM =
import.meta.env.VITE_APP_API_ENCRYPT_ALGORITHM || 'AES';
const API_ENCRYPT_REQUEST_KEY =
import.meta.env.VITE_APP_API_ENCRYPT_REQUEST_KEY || ''; // AES密钥 或 RSA公钥
const API_ENCRYPT_RESPONSE_KEY =
import.meta.env.VITE_APP_API_ENCRYPT_RESPONSE_KEY || ''; // AES密钥 或 RSA私钥
/** /**
* AES * AES
*/ */
@ -146,52 +134,31 @@ export const RSA = {
}, },
}; };
/**
* API
*/
export interface ApiEncryptConfig {
/** 加密算法 */
algorithm: 'AES' | 'RSA';
/** 是否启用加解密 */
enable: boolean;
/** 加密头名称 */
header: string;
/** 请求加密密钥AES密钥或RSA公钥 */
requestKey: string;
/** 响应解密密钥AES密钥或RSA私钥 */
responseKey: string;
}
/** /**
* API * API
*/ */
export const ApiEncrypt = { export class ApiEncrypt {
/** private config: ApiEncryptConfig;
*
*/
getEncryptHeader(): string {
return API_ENCRYPT_HEADER;
},
/** constructor(config: ApiEncryptConfig) {
* this.config = config;
* @param data }
* @returns
*/
encryptRequest(data: any): string {
if (!API_ENCRYPT_ENABLE) {
return data;
}
try {
const jsonData = typeof data === 'string' ? data : JSON.stringify(data);
if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'AES') {
if (!API_ENCRYPT_REQUEST_KEY) {
throw new Error('AES 请求加密密钥未配置');
}
return AES.encrypt(jsonData, API_ENCRYPT_REQUEST_KEY);
} else if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'RSA') {
if (!API_ENCRYPT_REQUEST_KEY) {
throw new Error('RSA 公钥未配置');
}
const result = RSA.encrypt(jsonData, API_ENCRYPT_REQUEST_KEY);
if (result === false) {
throw new Error('RSA 加密失败');
}
return result;
} else {
throw new Error(`不支持的加密算法: ${API_ENCRYPT_ALGORITHM}`);
}
} catch (error) {
console.error('请求数据加密失败:', error);
throw error;
}
},
/** /**
* *
@ -199,27 +166,27 @@ export const ApiEncrypt = {
* @returns * @returns
*/ */
decryptResponse(encryptedData: string): any { decryptResponse(encryptedData: string): any {
if (!API_ENCRYPT_ENABLE) { if (!this.config.enable) {
return encryptedData; return encryptedData;
} }
try { try {
let decryptedData: false | string = ''; let decryptedData: false | string = '';
if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'AES') { if (this.config.algorithm.toUpperCase() === 'AES') {
if (!API_ENCRYPT_RESPONSE_KEY) { if (!this.config.responseKey) {
throw new Error('AES 响应解密密钥未配置'); throw new Error('AES 响应解密密钥未配置');
} }
decryptedData = AES.decrypt(encryptedData, API_ENCRYPT_RESPONSE_KEY); decryptedData = AES.decrypt(encryptedData, this.config.responseKey);
} else if (API_ENCRYPT_ALGORITHM.toUpperCase() === 'RSA') { } else if (this.config.algorithm.toUpperCase() === 'RSA') {
if (!API_ENCRYPT_RESPONSE_KEY) { if (!this.config.responseKey) {
throw new Error('RSA 私钥未配置'); throw new Error('RSA 私钥未配置');
} }
decryptedData = RSA.decrypt(encryptedData, API_ENCRYPT_RESPONSE_KEY); decryptedData = RSA.decrypt(encryptedData, this.config.responseKey);
if (decryptedData === false) { if (decryptedData === false) {
throw new Error('RSA 解密失败'); throw new Error('RSA 解密失败');
} }
} else { } else {
throw new Error(`不支持的解密算法: ${API_ENCRYPT_ALGORITHM}`); throw new Error(`不支持的解密算法: ${this.config.algorithm}`);
} }
if (!decryptedData) { if (!decryptedData) {
@ -236,5 +203,65 @@ export const ApiEncrypt = {
console.error('响应数据解密失败:', error); console.error('响应数据解密失败:', error);
throw error; throw error;
} }
}, }
};
/**
*
* @param data
* @returns
*/
encryptRequest(data: any): string {
if (!this.config.enable) {
return data;
}
try {
const jsonData = typeof data === 'string' ? data : JSON.stringify(data);
if (this.config.algorithm.toUpperCase() === 'AES') {
if (!this.config.requestKey) {
throw new Error('AES 请求加密密钥未配置');
}
return AES.encrypt(jsonData, this.config.requestKey);
} else if (this.config.algorithm.toUpperCase() === 'RSA') {
if (!this.config.requestKey) {
throw new Error('RSA 公钥未配置');
}
const result = RSA.encrypt(jsonData, this.config.requestKey);
if (result === false) {
throw new Error('RSA 加密失败');
}
return result;
} else {
throw new Error(`不支持的加密算法: ${this.config.algorithm}`);
}
} catch (error) {
console.error('请求数据加密失败:', error);
throw error;
}
}
/**
*
*/
getEncryptHeader(): string {
return this.config.header;
}
}
/**
* API
* @param env
* @returns ApiEncrypt
*/
export function createApiEncrypt(env: Record<string, any>): ApiEncrypt {
const config: ApiEncryptConfig = {
enable: env.VITE_APP_API_ENCRYPT_ENABLE === 'true',
header: env.VITE_APP_API_ENCRYPT_HEADER || 'X-Api-Encrypt',
algorithm: env.VITE_APP_API_ENCRYPT_ALGORITHM || 'AES',
requestKey: env.VITE_APP_API_ENCRYPT_REQUEST_KEY || '',
responseKey: env.VITE_APP_API_ENCRYPT_RESPONSE_KEY || '',
};
return new ApiEncrypt(config);
}

1
packages/@core/base/shared/src/utils/index.ts
View File

@ -3,6 +3,7 @@ export * from './date';
export * from './diff'; export * from './diff';
export * from './dom'; export * from './dom';
export * from './download'; export * from './download';
export * from './encrypt';
export * from './formatNumber'; export * from './formatNumber';
export * from './inference'; export * from './inference';
export * from './letter'; export * from './letter';

18
pnpm-lock.yaml
View File

@ -776,18 +776,12 @@ importers:
cropperjs: cropperjs:
specifier: 'catalog:' specifier: 'catalog:'
version: 1.6.2 version: 1.6.2
crypto-js:
specifier: 'catalog:'
version: 4.2.0
dayjs: dayjs:
specifier: 'catalog:' specifier: 'catalog:'
version: 1.11.13 version: 1.11.13
highlight.js: highlight.js:
specifier: 'catalog:' specifier: 'catalog:'
version: 11.11.1 version: 11.11.1
jsencrypt:
specifier: 'catalog:'
version: 3.5.4
pinia: pinia:
specifier: ^3.0.3 specifier: ^3.0.3
version: 3.0.3(typescript@5.8.3)(vue@3.5.17(typescript@5.8.3)) version: 3.0.3(typescript@5.8.3)(vue@3.5.17(typescript@5.8.3))
@ -867,9 +861,6 @@ importers:
cropperjs: cropperjs:
specifier: 'catalog:' specifier: 'catalog:'
version: 1.6.2 version: 1.6.2
crypto-js:
specifier: 'catalog:'
version: 4.2.0
dayjs: dayjs:
specifier: 'catalog:' specifier: 'catalog:'
version: 1.11.13 version: 1.11.13
@ -879,9 +870,6 @@ importers:
highlight.js: highlight.js:
specifier: 'catalog:' specifier: 'catalog:'
version: 11.11.1 version: 11.11.1
jsencrypt:
specifier: 'catalog:'
version: 3.5.4
pinia: pinia:
specifier: ^3.0.3 specifier: ^3.0.3
version: 3.0.3(typescript@5.8.3)(vue@3.5.17(typescript@5.8.3)) version: 3.0.3(typescript@5.8.3)(vue@3.5.17(typescript@5.8.3))
@ -1377,12 +1365,18 @@ importers:
clsx: clsx:
specifier: ^2.1.1 specifier: ^2.1.1
version: 2.1.1 version: 2.1.1
crypto-js:
specifier: 'catalog:'
version: 4.2.0
dayjs: dayjs:
specifier: 'catalog:' specifier: 'catalog:'
version: 1.11.13 version: 1.11.13
defu: defu:
specifier: 'catalog:' specifier: 'catalog:'
version: 6.1.4 version: 6.1.4
jsencrypt:
specifier: 'catalog:'
version: 3.5.4
lodash.clonedeep: lodash.clonedeep:
specifier: 'catalog:' specifier: 'catalog:'
version: 4.5.0 version: 4.5.0