给所有请求都加上jwt,隐藏生成jwt的secret(放到.env中),隐藏app-secret(放在pm2运行配置文件中,后续直接读取环境配置即可)

This commit is contained in:
2025-10-17 15:28:22 +08:00
parent 9ec6d30573
commit 59706b70d0
70 changed files with 2279 additions and 688 deletions
+13 -6
View File
@@ -12,6 +12,7 @@ import { getConfigLists, getConfigOptions, updateConfigStatus, type ConfigItem }
import configListsStyles from "~/styles/pages/config-lists_index.css?url";
import { toastService } from "~/components/ui/Toast";
import { messageService } from "~/components/ui/MessageModal";
import { getUserSession } from "~/api/login/auth.server";
export const links = () => [
{ rel: "stylesheet", href: configListsStyles }
@@ -72,7 +73,10 @@ export async function loader({ request }: LoaderFunctionArgs) {
const is_active = url.searchParams.get("is_active") ? url.searchParams.get("is_active") === "true" : undefined;
const currentPage = parseInt(url.searchParams.get("page") || "1", 10);
const pageSize = parseInt(url.searchParams.get("pageSize") || "10", 10);
// 获取JWT token
const { frontendJWT } = await getUserSession(request);
try {
// 获取配置列表
const configsResponse = await getConfigLists({
@@ -82,14 +86,14 @@ export async function loader({ request }: LoaderFunctionArgs) {
is_active,
page: currentPage,
pageSize
});
}, frontendJWT);
if (configsResponse.error || !configsResponse.data) {
throw new Error(configsResponse.error || "获取配置列表失败");
}
// 获取配置选项
const optionsResponse = await getConfigOptions();
const optionsResponse = await getConfigOptions(frontendJWT);
if (optionsResponse.error || !optionsResponse.data) {
throw new Error(optionsResponse.error || "获取配置选项失败");
@@ -121,17 +125,20 @@ export async function action({ request }: ActionFunctionArgs) {
const formData = await request.formData();
const _action = formData.get('_action');
const configId = formData.get('configId');
if (!configId) {
return Response.json({ result: false, message: "缺少配置ID" }, { status: 400 });
}
// 获取JWT token
const { frontendJWT } = await getUserSession(request);
// 进行更新启用和禁用的状态
try {
if (_action === 'toggleStatus') {
const is_active = formData.get('is_active') === 'true';
const response = await updateConfigStatus(parseInt(configId as string), is_active);
const response = await updateConfigStatus(parseInt(configId as string), is_active, frontendJWT);
if (response.error) {
return Response.json({ result: false, message: response.error }, { status: 500 });