给所有请求都加上jwt,隐藏生成jwt的secret(放到.env中),隐藏app-secret(放在pm2运行配置文件中,后续直接读取环境配置即可)

This commit is contained in:
2025-10-17 15:28:22 +08:00
parent 9ec6d30573
commit 59706b70d0
70 changed files with 2279 additions and 688 deletions
+16 -6
View File
@@ -97,8 +97,12 @@ export async function loader({ request }: LoaderFunctionArgs) {
};
try {
// 获取用户会话信息
const { getUserSession } = await import("~/api/login/auth.server");
const { frontendJWT } = await getUserSession(request);
// 获取评查点类型列表,供前端筛选使用
const typeResponse = await getRuleTypes();
const typeResponse = await getRuleTypes(undefined, frontendJWT);
if (typeResponse.error) {
console.error('获取评查点类型失败:', typeResponse.error);
@@ -113,7 +117,8 @@ export async function loader({ request }: LoaderFunctionArgs) {
currentPage: params.page,
pageSize: params.pageSize,
ruleTypes,
initialLoad: true
initialLoad: true,
frontendJWT
}, {
headers: {
"Cache-Control": "max-age=60, s-maxage=180"
@@ -139,11 +144,15 @@ export async function action({ request }: LoaderFunctionArgs) {
}
try {
// 获取用户会话信息
const { getUserSession } = await import("~/api/login/auth.server");
const { frontendJWT } = await getUserSession(request);
if (_action === 'delete') {
// 调用API删除评查点
// console.log(`删除评查点 ${ruleId}`);
const deleteResponse = await deleteRule(ruleId as string);
const deleteResponse = await deleteRule(ruleId as string, frontendJWT);
if (deleteResponse.error) {
return Response.json({ result: false, message: deleteResponse.error }, { status: deleteResponse.status || 500 });
@@ -257,7 +266,7 @@ export default function RulesIndex() {
// 获取评查点类型
try {
const typeResponse = await getRuleTypes(typeToUse);
const typeResponse = await getRuleTypes(typeToUse, loaderData.frontendJWT);
if (typeResponse.data) {
setRuleTypes(typeResponse.data);
}
@@ -273,7 +282,8 @@ export default function RulesIndex() {
keyword: searchParams.get('keyword') || undefined,
page: currentPage,
pageSize,
reviewType: typeToUse
reviewType: typeToUse,
token: loaderData.frontendJWT
};
// 调用 API 获取数据
@@ -307,7 +317,7 @@ export default function RulesIndex() {
const loadRuleGroups = async () => {
setLoadingGroups(true);
try {
const response = await getRuleGroupsByType(ruleTypeParam);
const response = await getRuleGroupsByType(ruleTypeParam, loaderData.frontendJWT);
if (response.data) {
setRuleGroups(response.data);
} else if (response.error) {