mirror of
https://github.com/certd/certd.git
synced 2026-04-24 12:27:25 +08:00
fix: 修复系统级授权无法查看密钥的bug
This commit is contained in:
xiaojunnuo
@@ -112,6 +112,17 @@ export class SysSecretBackup extends BaseSettings {
|
||||
encryptSecret?: string;
|
||||
}
|
||||
|
||||
/**
|
||||
* 不要修改
|
||||
*/
|
||||
export class SysSecret extends BaseSettings {
|
||||
static __title__ = '密钥信息';
|
||||
static __key__ = 'sys.secret';
|
||||
static __access__ = 'private';
|
||||
siteId?: string;
|
||||
encryptSecret?: string;
|
||||
}
|
||||
|
||||
export class SysSiteEnv {
|
||||
agent?: {
|
||||
enabled?: boolean;
|
||||
|
||||
@@ -1,25 +1,22 @@
|
||||
import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
|
||||
import { Provide, Scope, ScopeEnum } from '@midwayjs/core';
|
||||
import { InjectEntityModel } from '@midwayjs/typeorm';
|
||||
import { Repository } from 'typeorm';
|
||||
import { SysSettingsEntity } from '../entity/sys-settings.js';
|
||||
import { CacheManager } from '@midwayjs/cache';
|
||||
import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecretBackup } from './models.js';
|
||||
import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecret, SysSecretBackup } from './models.js';
|
||||
import * as _ from 'lodash-es';
|
||||
import { BaseService } from '../../../basic/index.js';
|
||||
import { logger, setGlobalProxy } from '@certd/basic';
|
||||
import { cache, logger, setGlobalProxy } from '@certd/basic';
|
||||
import * as dns from 'node:dns';
|
||||
|
||||
/**
|
||||
* 设置
|
||||
*/
|
||||
@Provide()
|
||||
@Scope(ScopeEnum.Request, { allowDowngrade: true })
|
||||
@Scope(ScopeEnum.Singleton)
|
||||
export class SysSettingsService extends BaseService<SysSettingsEntity> {
|
||||
@InjectEntityModel(SysSettingsEntity)
|
||||
repository: Repository<SysSettingsEntity>;
|
||||
|
||||
@Inject()
|
||||
cache: CacheManager; // 依赖注入CacheManager
|
||||
|
||||
getRepository() {
|
||||
return this.repository;
|
||||
}
|
||||
@@ -72,7 +69,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
|
||||
async getSetting<T>(type: any): Promise<T> {
|
||||
const key = type.__key__;
|
||||
const cacheKey = type.getCacheKey();
|
||||
const settings: T = await this.cache.get(cacheKey);
|
||||
const settings: T = cache.get(cacheKey);
|
||||
if (settings) {
|
||||
return settings;
|
||||
}
|
||||
@@ -80,7 +77,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
|
||||
const savedSettings = await this.getSettingByKey(key);
|
||||
newSetting = _.merge(newSetting, savedSettings);
|
||||
await this.saveSetting(newSetting);
|
||||
await this.cache.set(cacheKey, newSetting);
|
||||
cache.set(cacheKey, newSetting);
|
||||
return newSetting;
|
||||
}
|
||||
|
||||
@@ -93,6 +90,12 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
|
||||
if (entity) {
|
||||
entity.setting = JSON.stringify(bean);
|
||||
entity.access = type.__access__;
|
||||
|
||||
if (key === SysSecretBackup.__key__ || key === SysSecret.__key__) {
|
||||
//备份密钥不允许更新
|
||||
return;
|
||||
}
|
||||
|
||||
await this.repository.save(entity);
|
||||
} else {
|
||||
const newEntity = new SysSettingsEntity();
|
||||
@@ -103,7 +106,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
|
||||
await this.repository.save(newEntity);
|
||||
}
|
||||
|
||||
await this.cache.set(cacheKey, bean);
|
||||
cache.set(cacheKey, bean);
|
||||
}
|
||||
|
||||
async getPublicSettings(): Promise<SysPublicSettings> {
|
||||
@@ -146,7 +149,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
|
||||
} else {
|
||||
throw new Error('该设置不存在');
|
||||
}
|
||||
await this.cache.del(`settings.${key}`);
|
||||
cache.delete(`settings.${key}`);
|
||||
}
|
||||
|
||||
async backupSecret() {
|
||||
@@ -173,4 +176,20 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
|
||||
}
|
||||
}
|
||||
}
|
||||
async getSecret() {
|
||||
const sysSecret = await this.getSetting<SysSecret>(SysSecret);
|
||||
if (sysSecret.encryptSecret) {
|
||||
return sysSecret;
|
||||
}
|
||||
//从备份中读取
|
||||
const settings = await this.getSettingByKey(SysSecretBackup.__key__);
|
||||
if (settings == null || !settings.encryptSecret) {
|
||||
throw new Error('密钥备份不存在');
|
||||
}
|
||||
sysSecret.siteId = settings.siteId;
|
||||
sysSecret.encryptSecret = settings.encryptSecret;
|
||||
await this.saveSetting(sysSecret);
|
||||
logger.info('密钥恢复成功');
|
||||
return sysSecret;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import { Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
|
||||
import crypto from 'crypto';
|
||||
import { SysPrivateSettings, SysSettingsService } from '../../../system/index.js';
|
||||
import { SysSecret, SysSettingsService } from '../../../system/index.js';
|
||||
|
||||
/**
|
||||
* 授权
|
||||
@@ -15,8 +15,8 @@ export class EncryptService {
|
||||
|
||||
@Init()
|
||||
async init() {
|
||||
const privateInfo: SysPrivateSettings = await this.sysSettingService.getSetting(SysPrivateSettings);
|
||||
this.secretKey = Buffer.from(privateInfo.encryptSecret, 'base64');
|
||||
const secret: SysSecret = await this.sysSettingService.getSecret();
|
||||
this.secretKey = Buffer.from(secret.encryptSecret, 'base64');
|
||||
}
|
||||
|
||||
// 加密函数
|
||||
|
||||
Reference in New Issue
Block a user