hz/ebiz-h5
1
0
Fork 0
mirror of http://112.124.100.131/GFRS/ebiz-h5.git synced 2025-12-11 23:46:44 +08:00
Code Issues Packages Projects Releases Wiki Activity

安全性问题处理:代码版本整理 修复版本1 --提交人:阳华祥

Browse Source
This commit is contained in:
yang.huaxiang
2020-10-27 11:05:01 +08:00
parent b913e73c47
commit 43117c24a9
8 changed files with 138 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/api/ebiz/agentEenter/agentEenter.js
View File

@@ -25,6 +25,15 @@ export function saveOrUpdateInfo(data) {
data data
}) })
} }
export function getTokenForUserModel(data) {
return request({
url: getUrl('/agent/enter/getTokenForAgent', 1),
method: 'get',
data
})
}
// //查询二次分享数据 // //查询二次分享数据
// export function getTokenForUserModel(data) { // export function getTokenForUserModel(data) {
// console.log('查询二次分享', data) // console.log('查询二次分享', data)

14
src/api/ebiz/claims/claims.js
View File

@@ -29,13 +29,13 @@ export function history(data) {
} }
// //历史报案详情接口 // //历史报案详情接口
// export function historyDetail(data) { export function historyDetail(data) {
// return request({ return request({
// url: getUrl(`/claim/claimReport/historyDetail`, 1), url: getUrl(`/claim/claimReport/historyDetail`, 1),
// method: 'post', method: 'get',
// data data
// }) })
// } }
//理赔申请 //理赔申请
export function apply(data) { export function apply(data) {

9
src/api/ebiz/my/my.js
View File

@@ -57,6 +57,15 @@ export function queryPrivacy(data) {
}) })
} }
//获取隐私政策
export function queryPrivacyNot(data) {
return request({
// url: getUrl('/agent/income/info', 0),
url: getUrl('/customer/privacy/queryPrivacy', 1),
method: 'post',
data
})
}
//注销用户 //注销用户
export function logoutAgent(data) { export function logoutAgent(data) {

7
src/assets/js/utils/needCacheKey.js
View File

@@ -1,4 +1,9 @@
export default { export default {
isAll: false, isAll: false,
encodeKeys: [''] encodeKeys: [
'saleInsuredInfo',
'saleInsuredPersonInfo',
'appntDTO',
'proposalAppnt'
]
} }

4
src/assets/js/utils/request.js
View File

@@ -127,7 +127,7 @@ service.interceptors.request.use(
/** /**
* 请求拦截处理(待添加 判断走统一网关处理) * 请求拦截处理(待添加 判断走统一网关处理)
*/ */
if(config.url && config.method == 'post' && /api\/$/.test(config.url.split(configApp.API_VERSION)[0])){ if(config.url && /api\/$/.test(config.url.split(configApp.API_VERSION)[0])){
if(!config.data || config.data == null){ if(!config.data || config.data == null){
config.data = {} config.data = {}
} }
@@ -158,7 +158,7 @@ service.interceptors.response.use(
console.log(response) console.log(response)
console.log('----------------') console.log('----------------')
let res = response.data let res = response.data
if(response.config.url && response.config.method == 'post' && /api\/$/.test(response.config.url.split(configApp.API_VERSION)[0])){ if(response.config.url && response.headers['content-type'].match(/application\/json/) && /api\/$/.test(response.config.url.split(configApp.API_VERSION)[0])){
if(res.response){// 正常情況返回必有response 节点 if(res.response){// 正常情況返回必有response 节点
console.log("[调用请求解密服务][请求地址:"+response.config.url+"][解密前报文:]",JSON.stringify(res.response)) console.log("[调用请求解密服务][请求地址:"+response.config.url+"][解密前报文:]",JSON.stringify(res.response))
res = JSON.parse(AESTools.AESDecrypt(res.response,configApp.REQ_PWD)) res = JSON.parse(AESTools.AESDecrypt(res.response,configApp.REQ_PWD))

56
src/assets/js/utils/request1.js
View File

@@ -1,6 +1,9 @@
import axios from 'axios' import axios from 'axios'
import { Dialog, Toast } from 'vant' import { Dialog, Toast } from 'vant'
import CacheUtils from '@/assets/js/utils/cacheUtils' import CacheUtils from '@/assets/js/utils/cacheUtils'
import configApp from "@/config";
import AESTools from "@/assets/js/utils/cryptoJsUtil";
import MD5 from 'js-md5';
let sale = ['/sale/order/orderDetail'] //在线投保 let sale = ['/sale/order/orderDetail'] //在线投保
// 卡单 // 卡单
@@ -15,18 +18,36 @@ const service = axios.create({
// request拦截器 // request拦截器
service.interceptors.request.use( service.interceptors.request.use(
config => { config => {
let relativePath = config.url && config.url.split('v1')[1] let relativePath = config.url && config.url.split(configApp.API_VERSION)[1]
console.log(config.url.split(configApp.API_VERSION)[0])
if (whiteList.includes(relativePath)) { if (whiteList.includes(relativePath)) {
// Toast.loading({ Toast.loading({
// duration: 0, // 持续展示 toast duration: 0, // 持续展示 toast
// forbidClick: true, // 禁用背景点击 forbidClick: true, // 禁用背景点击
// loadingType: 'spinner', loadingType: 'spinner',
// message: '加载中……' message: '加载中……'
// }) })
}
/**
* 请求拦截处理(待添加 判断走统一网关处理)
*/
if(config.url && /api\/$/.test(config.url.split(configApp.API_VERSION)[0])){
if(!config.data || config.data == null){
config.data = {}
}
if(!!config.data && config.data != null){
let encrypt = AESTools.AESEncrypt(JSON.stringify(config.data),configApp.REQ_PWD)
console.log("[调用请求加密服务][请求地址:"+config.url+"][加密前报文:]",JSON.stringify(config.data))
config.data = {"data": encrypt }
console.log("[调用请求加密服务][请求地址:"+config.url+"][加密后报文:]",config.data)
}
} }
config.headers['token'] = CacheUtils.getLocItem('token') config.headers['token'] = CacheUtils.getLocItem('token')
// config.headers['token'] = `` // 添加请时间戳
let timeStr = new Date().getTime() + '';
config.headers['timeStr'] = timeStr;
config.headers['signature'] = MD5(timeStr + CacheUtils.getLocItem('token'));
// config.headers['token'] = `f0003a753d1d492083248f723ab1b6e9`//TEST测试专用
return config return config
}, },
error => { error => {
@@ -38,9 +59,17 @@ service.interceptors.request.use(
// respone拦截器 // respone拦截器
service.interceptors.response.use( service.interceptors.response.use(
response => { response => {
const res = response.data console.log(response)
console.log(res, 'res') console.log('----------------')
let res = response.data
if(response.config.url && response.headers['content-type'].match(/application\/json/) && /api\/$/.test(response.config.url.split(configApp.API_VERSION)[0])){
if(res.response){// 正常情況返回必有response 节点
console.log("[调用请求解密服务][请求地址:"+response.config.url+"][解密前报文:]",JSON.stringify(res.response))
res = JSON.parse(AESTools.AESDecrypt(res.response,configApp.REQ_PWD))
console.log("[调用请求解密服务][请求地址:"+response.config.url+"][解密后报文:]",res)
}
}
Toast.clear()
if (res.code != 0) { if (res.code != 0) {
if (res.code == 10001 || res.code == 10002) { if (res.code == 10001 || res.code == 10002) {
Dialog.confirm({ Dialog.confirm({
@@ -57,10 +86,11 @@ service.interceptors.response.use(
} }
return Promise.reject(res) return Promise.reject(res)
} else { } else {
return response.data.content return res.content
} }
}, },
error => { error => {
Toast.clear()
console.log('err' + error) // for debug console.log('err' + error) // for debug
//Toast.fail(error.message) //Toast.fail(error.message)
return Promise.reject(error) return Promise.reject(error)

2
src/config/index.js
View File

@@ -11,7 +11,7 @@ let apiDomain, imgDomain, assetsUrl, mainUrl, payUrl, zssqUrl ,REQ_PWD, CACHE_EN
console.log('环境:', process.env.VUE_APP_FLAG) console.log('环境:', process.env.VUE_APP_FLAG)
switch (process.env.VUE_APP_FLAG) { switch (process.env.VUE_APP_FLAG) {
case 'dev': case 'dev':
apiDomain = 'http://139.199.50.151:7000/api/v1' // 国富api ///api/v1 apiDomain = 'http://139.199.50.151:7000/api/v2' // 国富api ///api/v1
imgDomain = 'http://211.159.248.123:7012/updown' // dev imgDomain = 'http://211.159.248.123:7012/updown' // dev
// 静态服务资源 // 静态服务资源
assetsUrl = 'http://139.199.50.151:8000/app/' assetsUrl = 'http://139.199.50.151:8000/app/'

37
src/views/app/Login.vue
View File

@@ -2,16 +2,18 @@
<div class="login-container ph10"> <div class="login-container ph10">
<h3 class="text-center pv30">欢迎登录</h3> <h3 class="text-center pv30">欢迎登录</h3>
<van-cell-group cl> <van-cell-group cl>
<van-field v-model="username" clearable label="用户名" placeholder="请输入用户名" left-icon="contact" /> <van-field v-model="username" clearable label="用户名" placeholder="请输入用户名" left-icon="contact"/>
<van-field v-model="password" type="password" label="密码" placeholder="请输入密码" left-icon="bag-o" /> <van-field v-model="password" type="password" label="密码" placeholder="请输入密码" left-icon="bag-o"/>
</van-cell-group> </van-cell-group>
<van-button type="info" size="large" class="mt30" @click="login" :loading="loading" loading-text="登录中...">登录</van-button> <van-button type="info" size="large" class="mt30" @click="login" :loading="loading" loading-text="登录中...">登录
</van-button>
</div> </div>
</template> </template>
<script> <script>
import { Field, CellGroup } from 'vant' import {CellGroup, Field} from 'vant'
import { login } from '@/api/app/user' import {loginTest} from '@/api/ebiz/my/my.js'
export default { export default {
name: 'login', name: 'login',
components: { components: {
@@ -33,17 +35,30 @@ export default {
return return
} }
this.loading = true this.loading = true
//登录 let that = this;
login() let reqData = {
.then(res => { password: this.$MD5(that.password),
//localStorage.token = res.token system: "agentApp",
graphCode: "",
graphId: "",
name: this.username,
loginflag: "agentPassword",
}
loginTest(reqData).then(res => {
this.loading = false
if (res.result == 0) {
console.log(res)
this.$CacheUtils.setLocItem("token",res.token) this.$CacheUtils.setLocItem("token",res.token)
this.$router.push({ path: this.redirect || '/' }) this.$router.push({ path: this.redirect || '/' })
}) }else {
.catch(err => { this.$toast(res.resultMessage)
}
}) .catch(err => {
console.log(err) console.log(err)
this.loading = false this.loading = false
}) })
} }
} }
} }