敏感信息加密

2024-09-19 16:17:01 +08:00 · 2024-09-19 16:17:01 +08:00 · b3ba7e7e40
parent d7b11c02e5
commit b3ba7e7e40
5 changed files with 81 additions and 4 deletions
--- a/package.json
+++ b/package.json
@ -33,6 +33,7 @@
    "cornerstone-math": "^0.1.10",
    "cornerstone-tools": "^6.0.10",
    "cornerstone-wado-image-loader": "^4.13.2",
+    "crypto-js": "^4.2.0",
    "dcmjs": "^0.29.8",
    "dicom-parser": "^1.8.9",
    "dicomedit": "^0.1.0",
@ -43,6 +44,7 @@
    "hammerjs": "^2.0.8",
    "html2canvas": "^1.4.1",
    "js-md5": "^0.7.3",
+    "jsencrypt": "^3.3.2",
    "jszip": "^3.7.1",
    "moment": "^2.27.0",
    "node-polyfill-webpack-plugin": "^2.0.1",
--- a/src/api/user.js
+++ b/src/api/user.js
@ -4,7 +4,8 @@ export function login(data) {
  return request({
    url: '/user/login',
    method: 'post',
-    data
+    data,
+    ENCRYPT: true
  })
 }
 export function loginOut(params) {
@ -185,3 +186,10 @@ export function sendMFAEmail(params) {
    params
  })
 }
+// 获取公钥
+export function getPublicKey() {
+  return request({
+    url: `/user/getPublicKey`,
+    method: 'get',
+  })
+}
--- a/src/utils/encrypt/crypto.js
+++ b/src/utils/encrypt/crypto.js
@ -0,0 +1,36 @@
+// crypto.js
+import CryptoJS from 'crypto-js';
+import { JSEncrypt } from "jsencrypt";
+import { getPublicKey } from "@/api/user.js"
+export const Crypto = {
+    AES: {
+        encrypt: function (plaintext, secretKey) {
+            return CryptoJS.AES.encrypt(plaintext, secretKey).toString();
+        },
+        decrypt: function (ciphertext, secretKey) {
+            const bytes = CryptoJS.AES.decrypt(ciphertext, secretKey);
+            return bytes.toString(CryptoJS.enc.Utf8);
+        }
+    }
+};
+export const Encrypt = {
+    encrypt: async function (plaintext) {
+        let PublicKey = null;
+        if (sessionStorage.getItem('PublicKey')) {
+            PublicKey = sessionStorage.getItem('PublicKey');
+        } else {
+            let res = await getPublicKey();
+            if (res.IsSuccess) {
+                PublicKey = res.Result
+                sessionStorage.setItem('PublicKey', res.Result)
+            } else {
+                return false;
+            }
+        }
+        let encryptor = new JSEncrypt()
+        encryptor.setPublicKey(PublicKey)
+        return encryptor.encrypt(JSON.stringify(plaintext))
+
+    },
+
+};
--- a/src/utils/encrypt/index.js
+++ b/src/utils/encrypt/index.js
@ -0,0 +1,28 @@
+import { Encrypt, Crypto } from "./crypto";
+export const encryptConfig = async (config) => {
+    let secretKey = randomRange(10, 43);
+    let encryptSecretKey = await Encrypt.encrypt(secretKey); // 密钥进行非对称加密
+    if (encryptSecretKey) {
+        config.headers['X-Encrypted-Key'] = encryptSecretKey;
+    }
+    if (config.data && Object.prototype.toString.call(config.data) === '[object Object]') {
+        Object.keys(config.data).forEach(key => {
+            config.data[key] = Crypto.AES.encrypt(config.data[key], secretKey)
+        })
+    }
+    return config;
+}
+const randomRange = (min, max, charStr) => {
+    var returnStr = "",
+        range;
+    if (typeof max == 'string') {
+        charStr = max;
+    }
+    range = ((max && typeof max == 'number') ? Math.round(Math.random() * (max - min)) + min : min);
+    charStr = charStr || 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+    for (var i = 0; i < range; i++) {
+        var index = Math.round(Math.random() * (charStr.length - 1));
+        returnStr += charStr.substring(index, index + 1);
+    }
+    return returnStr;
+}
--- a/src/utils/request.js
+++ b/src/utils/request.js
@ -4,7 +4,7 @@ import store from '@/store'
 import router from '@/router'
 import WHITELIST from "./whiteList"
 import moment from 'moment-timezone';
-console.log(moment.tz.guess())
+import { encryptConfig } from "@/utils/encrypt"
 axios.defaults.withCredentials = false
 const service = axios.create({
  baseURL: '/api',
@ -16,13 +16,16 @@ var path
 // var lang = store.state.lang.language

 service.interceptors.request.use(
-  config => {
+  async config => {
    path = router && router.app && router.app._route && router.app._route.path
    config.headers['Content-Type'] = 'application/json;charset=UTF-8'
    var language = zzSessionStorage.getItem('lang')
    config.headers['Accept-Language'] = language === 'en' ? 'en-US,en;q=0.5' : 'zh-CN,zh;q=0.9'
    config.headers['TimeZoneId'] = moment.tz.guess()
-    if (store.getters.token) {
+    if (config.ENCRYPT) {
+      config = await encryptConfig(config)
+    }
+    if (store.getters.token && !config.clearToken) {
      config.headers.Authorization = `Bearer ${store.getters.token}`
    }
    try {