安全性问题处理：代码版本整理初始版本1 --提交人：阳华祥

2025-12-13 03:46:43 +08:00 · 2020-10-27 10:50:12 +08:00
parent 239769d7af
commit b913e73c47
23 changed files with 953 additions and 237 deletions
--- a/src/assets/js/utils/request.js
+++ b/src/assets/js/utils/request.js
@@ -1,5 +1,11 @@
 import axios from 'axios'
+import AESTools from '@/assets/js/utils/cryptoJsUtil'
+import configApp from '@/config'
 import { Dialog, Toast } from 'vant'
+import dateUtil from "@/assets/js/utils/date-utils";
+import MD5 from 'js-md5';
+import CacheUtils from '@/assets/js/utils/cacheUtils'
+
 let proposal = [
  '/proposal/proposal/list',
  '/proposal/proposal/toInsurance',
@@ -107,58 +113,84 @@ const service = axios.create({

 // request拦截器
 service.interceptors.request.use(
-  config => {
-    let relativePath = config.url && config.url.split('v1')[1]
-    if (whiteList.includes(relativePath)) {
-      Toast.loading({
-        duration: 0, // 持续展示 toast
-        forbidClick: true, // 禁用背景点击
-        loadingType: 'spinner',
-        message: '加载中……'
-      })
+    config => {
+      let relativePath = config.url && config.url.split(configApp.API_VERSION)[1]
+      console.log(config.url.split(configApp.API_VERSION)[0])
+      if (whiteList.includes(relativePath)) {
+        Toast.loading({
+          duration: 0, // 持续展示 toast
+          forbidClick: true, // 禁用背景点击
+          loadingType: 'spinner',
+          message: '加载中……'
+        })
+      }
+      /**
+       * 请求拦截处理(待添加 判断走统一网关处理)
+       */
+      if(config.url && config.method == 'post' && /api\/$/.test(config.url.split(configApp.API_VERSION)[0])){
+        if(!config.data || config.data == null){
+          config.data = {}
+        }
+        if(!!config.data && config.data != null){
+          let encrypt = AESTools.AESEncrypt(JSON.stringify(config.data),configApp.REQ_PWD)
+          console.log("[调用请求加密服务][请求地址:"+config.url+"][加密前报文：]",JSON.stringify(config.data))
+          config.data =  {"data": encrypt }
+          console.log("[调用请求加密服务][请求地址:"+config.url+"][加密后报文：]",config.data)
+        }
+      }
+      config.headers['token'] = CacheUtils.getLocItem('token')
+      // 添加请时间戳
+      let timeStr = new Date().getTime() + '';
+      config.headers['timeStr'] = timeStr;
+      config.headers['signature'] = MD5(timeStr + CacheUtils.getLocItem('token'));
+      // config.headers['token'] = `f0003a753d1d492083248f723ab1b6e9`//TEST测试专用
+      return config
+    },
+    error => {
+      // Do something with request error
+      Promise.reject(error)
    }
-
-    config.headers['token'] = window.localStorage.getItem('token')
-    // config.headers['token'] = `f0003a753d1d492083248f723ab1b6e9`//TEST测试专用
-    return config
-  },
-  error => {
-    // Do something with request error
-    Promise.reject(error)
-  }
 )

 // respone拦截器
 service.interceptors.response.use(
-  response => {
-    const res = response.data
-    console.log(res, 'res')
-    Toast.clear()
-    if (res.code != 0) {
-      if (res.code == 10001 || res.code == 10002) {
-        Dialog.confirm({
-          confirmButtonText: '重新登录',
-          message: '你已被登出，可以取消继续留在该页面，或者重新登录'
-        }).then(() => {
-          //eslint-disable-next-line
-          EWebBridge.webCallAppInJs('bridge', {
-            flag: 'login'
-          })
-        })
-      } else {
-        //Toast.fail(res.msg)
+    response => {
+      console.log(response)
+        console.log('----------------')
+      let res = response.data
+      if(response.config.url && response.config.method == 'post' && /api\/$/.test(response.config.url.split(configApp.API_VERSION)[0])){
+        if(res.response){// 正常情況返回必有response 节点
+          console.log("[调用请求解密服务][请求地址:"+response.config.url+"][解密前报文：]",JSON.stringify(res.response))
+          res = JSON.parse(AESTools.AESDecrypt(res.response,configApp.REQ_PWD))
+          console.log("[调用请求解密服务][请求地址:"+response.config.url+"][解密后报文：]",res)
+        }
      }
-      return Promise.reject(res)
-    } else {
-      return response.data.content
+      Toast.clear()
+      if (res.code != 0) {
+        if (res.code == 10001 || res.code == 10002) {
+          Dialog.confirm({
+            confirmButtonText: '重新登录',
+            message: '你已被登出，可以取消继续留在该页面，或者重新登录'
+          }).then(() => {
+            //eslint-disable-next-line
+            EWebBridge.webCallAppInJs('bridge', {
+              flag: 'login'
+            })
+          })
+        } else {
+          //Toast.fail(res.msg)
+        }
+        return Promise.reject(res)
+      } else {
+        return res.content
+      }
+    },
+    error => {
+      Toast.clear()
+      console.log('err' + error) // for debug
+      //Toast.fail(error.message)
+      return Promise.reject(error)
    }
-  },
-  error => {
-    Toast.clear()
-    console.log('err' + error) // for debug
-    //Toast.fail(error.message)
-    return Promise.reject(error)
-  }
 )

 export default service