给所有请求都加上jwt,隐藏生成jwt的secret(放到.env中),隐藏app-secret(放在pm2运行配置文件中,后续直接读取环境配置即可)
This commit is contained in:
@@ -91,12 +91,16 @@ function mapApiToFrontend(apiGroup: ApiRuleGroup): RuleGroup {
|
||||
export async function loader({ request }: LoaderFunctionArgs) {
|
||||
// console.log("rule-groups.new loader被调用,URL:", request.url);
|
||||
try {
|
||||
// 获取用户会话信息
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
|
||||
const url = new URL(request.url);
|
||||
const id = url.searchParams.get("id");
|
||||
// console.log("获取到的ID参数:", id);
|
||||
|
||||
// 获取一级分组列表 (用于选择父级分组)
|
||||
const parentGroupsResponse = await getRuleGroups();
|
||||
const parentGroupsResponse = await getRuleGroups(frontendJWT);
|
||||
if (parentGroupsResponse.error) {
|
||||
console.error("获取父分组列表失败:", parentGroupsResponse.error);
|
||||
throw new Error(parentGroupsResponse.error);
|
||||
@@ -112,7 +116,7 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
|
||||
// 如果有ID,获取分组详情
|
||||
if (id) {
|
||||
const groupResponse = await getRuleGroup(id);
|
||||
const groupResponse = await getRuleGroup(id, frontendJWT);
|
||||
if (groupResponse.error) {
|
||||
console.error("获取分组详情失败:", groupResponse.error);
|
||||
throw new Error(groupResponse.error);
|
||||
@@ -146,6 +150,10 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
export async function action({ request }: ActionFunctionArgs) {
|
||||
const formData = await request.formData();
|
||||
|
||||
// 获取用户会话信息
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
|
||||
// 提取表单数据
|
||||
const id = formData.get("id") as string | null;
|
||||
const name = formData.get("name") as string;
|
||||
@@ -193,9 +201,9 @@ export async function action({ request }: ActionFunctionArgs) {
|
||||
// 根据是否有ID决定是创建还是更新
|
||||
let response;
|
||||
if (id) {
|
||||
response = await updateRuleGroup(id, saveData);
|
||||
response = await updateRuleGroup(id, saveData, frontendJWT);
|
||||
} else {
|
||||
response = await createRuleGroup(saveData);
|
||||
response = await createRuleGroup(saveData, frontendJWT);
|
||||
}
|
||||
|
||||
// 处理API响应
|
||||
|
||||
Reference in New Issue
Block a user