
加密-请求头加参数

lifanagju_citu 6 months ago
parent
commit
4b5a682892
5 changed files with 40 additions and 26 deletions
  1. 1 0
      src/api/common/index.js
  2. 1 0
      src/api/mall.js
  3. 1 0
      src/api/position.js
  4. 2 26
      src/config/axios/service.js
  5. 35 0
      src/utils/openEncryption.js

+ 1 - 0
src/api/common/index.js

@@ -383,6 +383,7 @@ export const socialAuthRedirect = async (params) => {
 export const orderCreated = async (data) => {
   return await request.post({
     url: '/app-api/menduner/system/trade/order/create',
+    openEncryption: true,
     data
   })
 }

+ 1 - 0
src/api/mall.js

@@ -4,6 +4,7 @@ import request from '@/config/axios'
 export const redeemSubmit = async (data) => {
   return request.post({
     url: '/app-api/menduner/system/redeem/submit',
+    openEncryption: true,
     data
   })
 }

+ 1 - 0
src/api/position.js

@@ -164,6 +164,7 @@ export const saveJobAdvertised = async (data) => {
 export const createTradeOrder = async (data) => {
   return await request.post({
     url: '/app-api/menduner/system/recruit/trade/order/create',
+    openEncryption: true,
     data
   })
 }

+ 2 - 26
src/config/axios/service.js

@@ -8,11 +8,10 @@ import { getSuffixAfterPrefix, showNextAction } from '@/utils/prefixUrl'
 import { getCurrentLocaleLang } from '@/utils/lang'
 import { enterpriseRefreshToken, userRefreshToken } from '@/api/common'
 import { getToken, getRefreshToken, setToken, setRefreshToken, getIsEnterprise } from '@/utils/auth'
+import { encryptionFun } from '@/utils/openEncryption'
 import { rewardEventTrackClick } from '@/api/integral'
 import errorCode from './errorCode'
 import { useI18n } from '@/hooks/web/useI18n'
-import { generateUUID } from "@/utils/index" 
-import { sha256 } from 'js-sha256'
 
 // import { resetRouter } from '@/router'
 // import { deleteUserCache } from '@/hooks/web/useCache'
@@ -78,30 +77,7 @@ service.interceptors.request.use(
     }
 
     // 开启参数加密
-    if (config.openEncryption) {
-      // 1.请求的参数json // 携带的json一下,url拼接参数的直接用,没有参数不拼接
-      const jsonData = config.data ? JSON.stringify({...config.data}) :
-        config.params ? qs.stringify({...config.params}, { allowDots: true }) :
-        config.url.split('?')?.length>1 ? config.url.split('?')[1] : ''
-      // 2.固定的参数初始化成字符串
-      const supHeaders = {
-        appId: 'test', // 与后端协商一致使用
-        nonce: generateUUID(), // 前端生成唯一参数
-        timestamp: new Date().getTime(),
-      }
-      const appSecret = '123456' // 与后端协商一致使用
-      const staticHeadersStr = Object.keys(supHeaders).reduce((str, key) => {
-        str = str ? str + `&${key}=${supHeaders[key]}` : `${key}=${supHeaders[key]}`
-        return str
-      }, '') + appSecret
-
-      // 3.固定参数和请求参数拼接(拼接1和2)// signString
-      const finalStr = jsonData + staticHeadersStr
-      // 加密字符串
-      if (finalStr) supHeaders.sign = sha256(finalStr)
-      // 4.请求头加参数: appId + nonce + timestamp + sign // 顺序不能变
-      if (supHeaders) Object.keys(supHeaders).forEach(key => { (config).headers[key] = supHeaders[key] })
-    }
+    if (config.openEncryption) encryptionFun(config)
 
     // 设置租户
     if (tenantEnable && tenantEnable === 'true') {
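Review bot: The comment `// 开启参数加密` above the new `if (config.openEncryption) encryptionFun(config)` line calls this parameter encryption, but the helper only adds `appId`, `nonce`, `timestamp` and a SHA-256 `sign` header. The request body and query string are still sent unchanged. I would reword the comment to something like `// Sign the request: adds appId/nonce/timestamp/sign headers, payload is not encrypted` so that nobody relies on this flag for confidentiality. The interceptor body starts and ends outside this hunk, so the ordering relative to the other header setup could not be checked from here.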

+ 35 - 0
src/utils/openEncryption.js

@@ -0,0 +1,35 @@
+import { generateUUID } from "@/utils/index" 
+import { sha256 } from 'js-sha256'
+
+// 加密方式:请求头加参数: appId + nonce + timestamp + sign
+// (sign为: queryJsonData+paramsToStrSort+appSecret拼接后sha256加密字符串)
+
+// 开启参数加密
+export const encryptionFun = (config) => {
+  // console.log('加密内容用完请注释->config', config)
+  const initSign = {
+    appId: 'web_client', // 与后端协商一致使用
+    nonce: generateUUID(), // 前端生成唯一参数
+    timestamp: new Date().getTime(),
+  }
+  // 固定的参数初始化成字符串
+  const paramsToStrSort = ['appId', 'nonce', 'timestamp'] // 顺序不能变
+  let paramsStr = paramsToStrSort.reduce((str, key) => {
+    if (initSign[key]) str = str ? str + `&${key}=${initSign[key]}` : `${key}=${initSign[key]}`
+    return str
+  }, '')
+  const appSecret = 'fa0fc0b5098b974b' // 与后端协商一致使用(拼接在paramsStr后面,且拼接时不加key)
+  paramsStr = paramsStr + appSecret
+  // console.log('加密内容用完请注释->paramsStr', paramsStr)
+
+  // 请求的参数json // 携带的参数json一下,url拼接参数的直接用,没有参数不拼接
+  const queryJsonData = config.data ? JSON.stringify(config.data) :
+    config.params ? qs.stringify(config.params, { allowDots: true }) :
+    config.url.split('?')?.length>1 ? config.url.split('?')[1] : ''
+
+  // sha256加密字符串 
+  if (paramsStr) initSign.sign = sha256(queryJsonData + paramsStr)
+
+  // 请求头加参数initSign,请求头加参数: appId + nonce + timestamp + sign
+  if (initSign &&  Object.keys(initSign).length) Object.keys(initSign).forEach(key => { (config).headers[key] = initSign[key] })
+}
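Review bot: `qs` is used on the `config.params` branch of `queryJsonData`, but this new module imports only `generateUUID` and `sha256`. Unless `qs` is a global in this build, a signed request that carries `params` and no `data` will throw a ReferenceError; add `import qs from 'qs'` at the top. Separately, `appSecret` is a literal in code that ships to the browser, so anyone who can load the bundle can read it and compute a valid `sign`. The header can therefore serve only as a tamper/replay check, so the backend should keep relying on the session token for authorization and enforce nonce uniqueness and a timestamp window itself; a comment above `appSecret` saying it is not confidential would stop later readers treating `sign` as client authentication. The ternary chain also signs only one of `data`, `params` or the URL query, so when `data` is present any query parameters fall outside the signature.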