diff --git a/package.json b/package.json index bc58dbd..85bf5aa 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "sword-admin", - "version": "3.6.0", + "version": "3.7.0", "description": "An out-of-box UI solution for enterprise applications", "private": true, "scripts": { @@ -38,6 +38,7 @@ "bizcharts": "^3.4.3", "bizcharts-plugin-slider": "^2.1.1-beta.1", "classnames": "^2.2.6", + "crypto-js": "^4.0.0", "dva": "^2.4.1", "enquire-js": "^0.2.1", "hash.js": "^1.1.7", diff --git a/src/pages/Dashboard/Workplace.js b/src/pages/Dashboard/Workplace.js index 62c47c0..b1df657 100644 --- a/src/pages/Dashboard/Workplace.js +++ b/src/pages/Dashboard/Workplace.js @@ -20,14 +20,14 @@ class Workplace extends PureComponent {
- Downloads + Downloads Build Status Coverage Status Downloads @@ -212,7 +212,20 @@ class Workplace extends PureComponent { - + + +
1.升级 SpringCloud 至 2021.0.8
+
2.升级 SpringBoot 至 2.7.15
+
3.升级 Mybatis-Plus 至 3.5.3.2
+
4.升级 Mybatis-Plus-Generator 至 3.5.3.2
+
5.升级 Druid 至 1.2.19
+
6.升级 Avue2 至 2.10.16
+
7.升级 Avue3 至 3.2.19
+
8.新增 Token加密传输功能,提升系统安全性
+
9.新增 后端对Token加密增加强制校验的功能
+
10.优化 INode树形节点封装,增加泛型支持
+
11.优化 Sql防注入的功能
+
1.升级 SpringCloud 至 2021.0.6
2.升级 SpringBoot 至 2.7.10
diff --git a/src/services/api.js b/src/services/api.js index d274195..a3e2315 100644 --- a/src/services/api.js +++ b/src/services/api.js @@ -108,7 +108,7 @@ export async function fakeRegister(params) { } export async function queryNotices() { - return request('/api/blade-desk/notice/my-notices'); + return request('/api/blade-desk/dashboard/my-notices'); } export async function getFakeCaptcha(mobile) { diff --git a/src/services/notice.js b/src/services/notice.js index 028b299..2e3bfd8 100644 --- a/src/services/notice.js +++ b/src/services/notice.js @@ -5,17 +5,18 @@ import request from '../utils/request'; // =====================通知公告=========================== export async function queryProjectNotice(params = {}) { - return request(`/api/blade-desk/notice/notices?${stringify(params)}`); + return request(`/api/blade-desk/dashboard/notices?${stringify(params)}`, { cryptoToken: true }); } export async function list(params) { - return request(`/api/blade-desk/notice/list?${stringify(params)}`); + return request(`/api/blade-desk/notice/list?${stringify(params)}`, { cryptoToken: true }); } export async function remove(params) { return request('/api/blade-desk/notice/remove', { method: 'POST', body: func.toFormData(params), + cryptoToken: true, }); } @@ -23,9 +24,10 @@ export async function submit(params) { return request('/api/blade-desk/notice/submit', { method: 'POST', body: params, + cryptoToken: true, }); } export async function detail(params) { - return request(`/api/blade-desk/notice/detail?${stringify(params)}`); + return request(`/api/blade-desk/notice/detail?${stringify(params)}`, { cryptoToken: true }); } diff --git a/src/utils/crypto.js b/src/utils/crypto.js new file mode 100644 index 0000000..fe548ef --- /dev/null +++ b/src/utils/crypto.js @@ -0,0 +1,84 @@ +import CryptoJS from 'crypto-js'; + +export default class crypto { + // 使用AesUtil.genAesKey()生成,需和后端配置保持一致 + static aesKey = 'O2BEeIv399qHQNhD6aGW8R8DEj4bqHXm'; + + // 使用DesUtil.genDesKey()生成,需和后端配置保持一致 + static desKey = ''; + + /** + * aes 加密方法 + * @param data + * @returns {*} + */ + static encrypt(data) { + return this.encryptAES(data, this.aesKey); + } + + /** + * aes 解密方法 + * @param data + * @returns {*} + */ + static decrypt(data) { + return this.decryptAES(data, this.aesKey); + } + + /** + * aes 加密方法,同java:AesUtil.encryptToBase64(text, aesKey); + */ + static encryptAES(data, key) { + const dataBytes = CryptoJS.enc.Utf8.parse(data); + const keyBytes = CryptoJS.enc.Utf8.parse(key); + const encrypted = CryptoJS.AES.encrypt(dataBytes, keyBytes, { + iv: keyBytes, + mode: CryptoJS.mode.CBC, + padding: CryptoJS.pad.Pkcs7, + }); + return CryptoJS.enc.Base64.stringify(encrypted.ciphertext); + } + + /** + * aes 解密方法,同java:AesUtil.decryptFormBase64ToString(encrypt, aesKey); + */ + static decryptAES(data, key) { + const keyBytes = CryptoJS.enc.Utf8.parse(key); + const decrypted = CryptoJS.AES.decrypt(data, keyBytes, { + iv: keyBytes, + mode: CryptoJS.mode.CBC, + padding: CryptoJS.pad.Pkcs7, + }); + return CryptoJS.enc.Utf8.stringify(decrypted); + } + + /** + * des 加密方法,同java:DesUtil.encryptToBase64(text, desKey) + */ + static encryptDES(data, key) { + const keyHex = CryptoJS.enc.Utf8.parse(key); + const encrypted = CryptoJS.DES.encrypt(data, keyHex, { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.Pkcs7, + }); + return encrypted.toString(); + } + + /** + * des 解密方法,同java:DesUtil.decryptFormBase64(encryptBase64, desKey); + */ + static decryptDES(data, key) { + const keyHex = CryptoJS.enc.Utf8.parse(key); + const decrypted = CryptoJS.DES.decrypt( + { + ciphertext: CryptoJS.enc.Base64.parse(data), + }, + keyHex, + { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.Pkcs7, + } + ); + return decrypted.toString(CryptoJS.enc.Utf8); + } +} diff --git a/src/utils/request.js b/src/utils/request.js index 8454b3a..f0a7bdc 100644 --- a/src/utils/request.js +++ b/src/utils/request.js @@ -4,8 +4,9 @@ import router from 'umi/router'; import hash from 'hash.js'; import { Base64 } from 'js-base64'; import { clientId, clientSecret } from '../defaultSettings'; -import { getToken, removeAll } from './authority'; +import { getAccessToken, getToken, removeAll } from './authority'; import RequestForm from '@/utils/RequestForm'; +import crypto from '@/utils/crypto'; const codeMessage = { 200: '服务器成功返回请求的数据。', @@ -122,7 +123,15 @@ export default function request(url, option) { Authorization: `Basic ${Base64.encode(`${clientId}:${clientSecret}`)}`, }; - const token = getToken(); + // token鉴权 + let token; + // 加密判断 + if (newOptions.cryptoToken === true) { + token = `crypto ${crypto.encrypt(getAccessToken())}`; + } else { + token = getToken(); + } + if (token) { newOptions.headers = { ...newOptions.headers,