给所有请求都加上jwt,隐藏生成jwt的secret(放到.env中),隐藏app-secret(放在pm2运行配置文件中,后续直接读取环境配置即可)

This commit is contained in:
2025-10-17 15:28:22 +08:00
parent 9ec6d30573
commit 59706b70d0
70 changed files with 2279 additions and 688 deletions
+12 -4
View File
@@ -91,12 +91,16 @@ function mapApiToFrontend(apiGroup: ApiRuleGroup): RuleGroup {
export async function loader({ request }: LoaderFunctionArgs) {
// console.log("rule-groups.new loader被调用,URL:", request.url);
try {
// 获取用户会话信息
const { getUserSession } = await import("~/api/login/auth.server");
const { frontendJWT } = await getUserSession(request);
const url = new URL(request.url);
const id = url.searchParams.get("id");
// console.log("获取到的ID参数:", id);
// 获取一级分组列表 (用于选择父级分组)
const parentGroupsResponse = await getRuleGroups();
const parentGroupsResponse = await getRuleGroups(frontendJWT);
if (parentGroupsResponse.error) {
console.error("获取父分组列表失败:", parentGroupsResponse.error);
throw new Error(parentGroupsResponse.error);
@@ -112,7 +116,7 @@ export async function loader({ request }: LoaderFunctionArgs) {
// 如果有ID,获取分组详情
if (id) {
const groupResponse = await getRuleGroup(id);
const groupResponse = await getRuleGroup(id, frontendJWT);
if (groupResponse.error) {
console.error("获取分组详情失败:", groupResponse.error);
throw new Error(groupResponse.error);
@@ -146,6 +150,10 @@ export async function loader({ request }: LoaderFunctionArgs) {
export async function action({ request }: ActionFunctionArgs) {
const formData = await request.formData();
// 获取用户会话信息
const { getUserSession } = await import("~/api/login/auth.server");
const { frontendJWT } = await getUserSession(request);
// 提取表单数据
const id = formData.get("id") as string | null;
const name = formData.get("name") as string;
@@ -193,9 +201,9 @@ export async function action({ request }: ActionFunctionArgs) {
// 根据是否有ID决定是创建还是更新
let response;
if (id) {
response = await updateRuleGroup(id, saveData);
response = await updateRuleGroup(id, saveData, frontendJWT);
} else {
response = await createRuleGroup(saveData);
response = await createRuleGroup(saveData, frontendJWT);
}
// 处理API响应