给所有请求都加上jwt,隐藏生成jwt的secret(放到.env中),隐藏app-secret(放在pm2运行配置文件中,后续直接读取环境配置即可)

This commit is contained in:
2025-10-17 15:28:22 +08:00
parent 9ec6d30573
commit 59706b70d0
70 changed files with 2279 additions and 688 deletions
+22 -12
View File
@@ -357,12 +357,19 @@ export async function uploadDocumentToServer(
// const response = await fetch(`${API_BASE_URL}/admin/documents/upload`, {
try {
// console.log('【调试】开始fetch请求...');
// 构建请求头,只在有JWT token时添加Authorization
const headers: HeadersInit = {
'X-File-Name': encodeURIComponent(fileName)
};
if (jwtToken) {
headers['Authorization'] = `Bearer ${jwtToken}`;
}
const response = await fetch(uploadUrl, {
method: 'POST',
headers: {
'X-File-Name': encodeURIComponent(fileName),
'Authorization': `Bearer ${jwtToken || ''}`
},
headers,
body: formData
});
@@ -422,7 +429,7 @@ export async function uploadDocumentToServer(
* @param reviewType 审核类型(可选)
* @returns 文档列表
*/
export async function getTodayDocuments(userInfo?: { user_id?: number; [key: string]: unknown }, reviewType?: string): Promise<{data: Document[]; error?: never} | {data?: never; error: string; status?: number}> {
export async function getTodayDocuments(userInfo?: { user_id?: number; [key: string]: unknown }, reviewType?: string, token?: string): Promise<{data: Document[]; error?: never} | {data?: never; error: string; status?: number}> {
try {
// 检查用户信息是否存在
if (!userInfo?.user_id) {
@@ -492,7 +499,7 @@ export async function getTodayDocuments(userInfo?: { user_id?: number; [key: str
// postgrestGet<ContractStructureComparison[]>('contract_structure_comparison', comparisonParams)
// ]);
const documentsResponse = await postgrestGet<Document[]>('documents', documentsParams);
const documentsResponse = await postgrestGet<Document[]>('documents', { ...documentsParams, token });
// console.log('documents表响应:', documentsResponse);
// console.log('contract_structure_comparison表响应:', comparisonResponse);
@@ -594,7 +601,7 @@ export async function getTodayDocuments(userInfo?: { user_id?: number; [key: str
}
// console.log('发送请求参数:', params);
const response = await postgrestGet<Document[]>('documents', params);
const response = await postgrestGet<Document[]>('documents', { ...params, token });
// console.log('API 响应:', response);
if (response.error) {
@@ -623,9 +630,10 @@ export async function getTodayDocuments(userInfo?: { user_id?: number; [key: str
/**
* 获取文档类型列表
* @param reviewType 审核类型(可选)
* @param token JWT token (可选)
* @returns 文档类型列表
*/
export async function getDocumentTypes(reviewType?: string): Promise<{data: DocumentType[]; error?: never} | {data?: never; error: string; status?: number}> {
export async function getDocumentTypes(reviewType?: string, token?: string): Promise<{data: DocumentType[]; error?: never} | {data?: never; error: string; status?: number}> {
try {
const params: PostgrestParams = {
select: 'id, name',
@@ -649,7 +657,7 @@ export async function getDocumentTypes(reviewType?: string): Promise<{data: Docu
}
}
const response = await postgrestGet<DocumentType[]>('document_types', params);
const response = await postgrestGet<DocumentType[]>('document_types', { ...params, token });
if (response.error) {
return { error: response.error, status: response.status };
@@ -674,11 +682,13 @@ export async function getDocumentTypes(reviewType?: string): Promise<{data: Docu
* 获取指定文档的状态
* @param documentIds 文档ID列表
* @param attachmentIds 合同附件ID列表(可选)
* @param token JWT token (可选)
* @returns 文档状态列表
*/
export async function getDocumentsStatus(
documentIds: number[],
attachmentIds?: number[]
attachmentIds?: number[],
token?: string
): Promise<{data: Document[]; error?: never} | {data?: never; error: string; status?: number}> {
try {
if ((!documentIds || documentIds.length === 0) && (!attachmentIds || attachmentIds.length === 0)) {
@@ -695,7 +705,7 @@ export async function getDocumentsStatus(
'id': `in.(${documentIds.join(',')})`
}
};
documentsResponse = await postgrestGet<Document[]>('documents', documentsParams);
documentsResponse = await postgrestGet<Document[]>('documents', { ...documentsParams, token });
}
// 查询合同附件状态
@@ -708,7 +718,7 @@ export async function getDocumentsStatus(
'id': `in.(${attachmentIds.join(',')})`
}
};
attachmentResponse = await postgrestGet<ContractStructureComparison[]>('contract_structure_comparison', attachmentParams);
attachmentResponse = await postgrestGet<ContractStructureComparison[]>('contract_structure_comparison', { ...attachmentParams, token });
}
if (documentsResponse.error && attachmentResponse.error) {