公司要求前后端参数和返回进行加密解密,采用了对称加密,AES+CBC+BASE64前后端可配置

1、后端SpringBoot 过滤器方式,支持接口排除

1.1 加密解密工具

import java.nio.charset.StandardCharsets;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.apache.shiro.codec.Base64;
import org.springframework.stereotype.Component;

/**
 * Description AES CBC + BASE64加密
 * 
 * @author
 * @date 14:58 2022/3/31
 */
@Component
public final class AesEncryptUtil {

    private AesEncryptUtil() {}

    /**
     * 加密方法
     *
     * @param data
     *            要加密的数据
     * @param key
     *            加密key
     * @param iv
     *            加密iv
     * @return 加密的结果
     * @throws Exception
     *             异常
     */
    public static String encrypt(String data, String key, String iv, String padding) {
        try {
            // "算法/模式/补码方式"
            Cipher cipher = Cipher.getInstance(padding);
            int blockSize = cipher.getBlockSize();
            byte[] dataBytes = data.getBytes(StandardCharsets.UTF_8);
            int plaintextLength = dataBytes.length;
            if (plaintextLength % blockSize != 0) {
                plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
            }
            byte[] plaintext = new byte[plaintextLength];
            System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
            SecretKeySpec keyStr = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            IvParameterSpec ivStr = new IvParameterSpec(iv.getBytes(StandardCharsets.UTF_8));
            cipher.init(Cipher.ENCRYPT_MODE, keyStr, ivStr);
            byte[] encrypted = cipher.doFinal(plaintext);
            return new String(Base64.encode(encrypted));
        } catch (Exception e) {
            throw BusinessException.create("加密失败:" + e.getMessage());
        }
    }

    /**
     * 解密方法
     *
     * @param data
     *            要解密的数据
     * @param key
     *            解密key
     * @param iv
     *            解密iv
     * @return 解密的结果
     * @throws Exception
     *             异常
     */
    public static String desEncrypt(String data, String key, String iv, String padding) {
        try {
            byte[] encrypted1 = Base64.decode(data);
            Cipher cipher = Cipher.getInstance(padding);
            SecretKeySpec keyStr = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            IvParameterSpec ivStr = new IvParameterSpec(iv.getBytes(StandardCharsets.UTF_8));
            cipher.init(Cipher.DECRYPT_MODE, keyStr, ivStr);
            byte[] original = cipher.doFinal(encrypted1);
            return new String(original, StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw BusinessException.create("解码失败:" + e.getMessage());
        }
    }

    /**
     * 将二进制转换成16进制
     *
     * @param buf
     * @return
     */
    public static String parseByte2HexStr(byte buf[]) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < buf.length; i++) {
            String hex = Integer.toHexString(buf[i] & 0xFF);
            if (hex.length() == 1) {
                hex = '0' + hex;
            }
            sb.append(hex.toUpperCase());
        }
        return sb.toString();
    }

    /**
     * 将16进制转换为二进制
     *
     * @param hexStr
     * @return
     */
    public static byte[] parseHexStr2Byte(String hexStr) {

        if (hexStr.length() < 1) {
            return new byte[0];
        }
        byte[] result = new byte[hexStr.length() / 2];
        for (int i = 0; i < hexStr.length() / 2; i++) {
            int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
            int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
            result[i] = (byte)(high * 16 + low);
        }
        return result;
    }
}

1.2 过滤器

import java.io.BufferedReader;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.alibaba.fastjson.JSONArray;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.google.common.collect.Lists;

import cn.hutool.core.util.StrUtil;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;

/***
 * Description 请求参数加密过滤器
 *
 * @date 16:34 2022/3/29
 */
@Component
@Slf4j
public class ParamResultFilter implements Filter {

    /**
     * 参数是否加密
     */
    @Value("${emmp.aesencrypt.paramEncryptAble:false}")
    private Boolean paramEncryptAble;

    /**
     * 结果是否加密
     */
    @Value("${emmp.aesencrypt.resultEncryptAble:false}")
    private Boolean resultEncryptAble;

    /**
     * 排除加密解密的接口
     */
    @Value("${emmp.aesencrypt.excludeUrl:}")
    private String[] excludeUrls;

    /**
     * 使用AES-128-CBC加密模式,key需要为16位,key和iv可以相同!
     */
    @Value("${emmp.aesencrypt.key:}")
    private String key;

    @Value("${emmp.aesencrypt.iv:}")
    private String iv;

    @Value("${emmp.aesencrypt.padding:}")
    private String padding;

    private List<String> excludes;

    /**
     * GET 请求方式
     */
    private static final String GET_REQUEST = "GET";

    /**
     * GET 请求方式
     */
    private static final String OPTIONS = "OPTIONS";

    /**
     * DELETE 请求方式
     */
    private static final String DELETE_REQUEST = "DELETE";

    private static final String POST_REQUEST = "POST";

    /**
     * 加密字段
     */
    private static final String ENCRYPT_STR = "encryptStr";

    /**
     * 前端加密的请求,swagger 传输的时候没有这个请求头
     */
    private static final String ADVANCED = "Advanced";

    @SneakyThrows
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
        HttpServletRequest req = (HttpServletRequest)request;
        String method = req.getMethod();
        String requestUri = req.getRequestURI();
        // 这里处理swagger 的过滤
        boolean swaggerFlag = !StrUtil.isEmpty(requestUri) && requestUri.contains("/doc.html")
                || requestUri.contains("/webjars/bycdao-ui/") || requestUri.contains("/swagger")
                || requestUri.contains("/v2/");

        if (DELETE_REQUEST.equals(method) || OPTIONS.equals(method) || swaggerFlag) {
            // 这里是过滤器注册转发
            chain.doFilter(request, response);
            return;
        }

        // 允许跳过的接口
        if (handleExcludeUrl(req)) {
            // 这里是过滤器注册转发
            chain.doFilter(request, response);
            return;
        }
        // 是否参数加密
        RequestWrapper requestWrapper = new RequestWrapper((HttpServletRequest)request);
        // 前端加密之后的请求头
        String product = req.getHeader("Product");
        // 处理智搜的GET加密请求
        if (ADVANCED.equals(product) && GET_REQUEST.equals(method) && paramEncryptAble) {
            this.dealGetRequestDecode(requestWrapper);
        }
        // 如果可以json化一般都是swagger请求就直接请求
        boolean jsonFlag = false;
        // 处理post请求
        if (POST_REQUEST.equals(method)) {
            StringBuilder str = new StringBuilder();
            String line;
            BufferedReader reader;
            reader = requestWrapper.getReader();
            while ((line = reader.readLine()) != null) {
                str.append(line);
            }
            String json;
            if (StrUtil.isNotEmpty(str.toString())) {
                try {
                    JSONObject object = JSON.parseObject(str.toString());
                    json = object.toJSONString();
                    requestWrapper.setBody(json.getBytes(StandardCharsets.UTF_8));
                    // 能json 话说明是swagger的
                    jsonFlag = true;
                } catch (Exception e) {
                    try {
                        JSONArray object = JSON.parseArray(str.toString());
                        json = object.toJSONString();
                        requestWrapper.setBody(json.getBytes(StandardCharsets.UTF_8));
                        // 能json 话说明是swagger的
                        jsonFlag = true;
                    } catch (Exception exception) {
                        log.warn("不是常规的json字符串解密异常字符串:{},异常内容:{}", str.toString(), e.getMessage());
                    }
                }
            }
            // 如果不是swagger传过来的数据否则就对post进行解密且对返回的数据加密
            if (!jsonFlag) {
                // post请求内容需要解密
                json = AesEncryptUtil.desEncrypt(str.toString(), key, iv, padding);
                log.info("解密之后的字符串:{}", json);
                requestWrapper.setBody(json.getBytes(StandardCharsets.UTF_8));
            }
        }
        // 结果是否加密
        if (resultEncryptAble && !jsonFlag) {
            // 且对返回数据进行加密 ,此地方代码过于冗余后续可能需要对整个方法进行优化
            this.encryptResultData(chain, response, requestWrapper);
        } else {
            chain.doFilter(requestWrapper, response);
        }

    }

    /**
     * @description: 加密返回数据
     * @param: [chain,
     *             response, requestWrapper]
     * @return: void
     * @date: 2022/4/12 18:16
     */
    public void encryptResultData(FilterChain chain, ServletResponse response, RequestWrapper requestWrapper) {
        // 且对返回数据进行加密 ,此地方代码过于冗余后续可能需要对整个方法进行优化
        try {
            // 请注意响应处理 包装响应对象 res 并缓存响应数据,只有需要加密数据才使用这个 ResponseWrapper
            ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse)response);
            // 执行业务逻辑 交给下一个过滤器或servlet处理
            // 这里是过滤器注册转发
            chain.doFilter(requestWrapper, responseWrapper);
            // 是否结果加密
            byte[] resData = responseWrapper.getResponseData();
            // 设置响应内容格式,防止解析响应内容时出错
            // responseWrapper.setContentType("text/plain;charset=UTF-8");
            // 加密响应报文并响应
            String resultEncrypt = AesEncryptUtil.encrypt(new String(resData), key, iv, padding);
            // 这里得用原始的流去处理返回 切记
            PrintWriter out = response.getWriter();
            out.print(resultEncrypt);
            out.flush();
            out.close();

        } catch (Exception e) {
            log.error("返回数据加密失败:{}", e.getMessage());
            try {
                getFailResponse((HttpServletResponse)response);
            } catch (IOException ioException) {
                log.error("io异常:{}", ioException.getMessage());
            }

        }
    }

    /**
     * 前端get请求 加密之后需要解码请求参数
     *
     * @param requestWrapper
     */
    private void dealGetRequestDecode(RequestWrapper requestWrapper) {
        Map<String, String[]> parameterMap = requestWrapper.getParameterMap();
        Map<String, Object> paras = new HashMap<>();
        // 这里get 请求加密的value
        parameterMap.forEach((paramKey, encryptValue) -> {
            for (String s : encryptValue) {
                try {
                    // 解密请求的
                    String params = AesEncryptUtil.desEncrypt(s, key, iv, padding);
                    JSONObject jsonObject = JSON.parseObject(params);
                    jsonObject.forEach((name, value) -> {
                        String[] vs = {value + ""};
                        paras.put(name, vs);
                    });
                } catch (Exception e) {
                    log.info("get请求解密异常:{}", e.getMessage());
                }
            }

        });
        requestWrapper.addAllParameters(paras);
        log.info("paramsMap:{}", parameterMap);
    }

    private void getFailResponse(HttpServletResponse response) throws IOException {
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        PrintWriter out = null;
        out = response.getWriter();
        // out.write("{\n" +
        // " \"status\":"+ Constant.ENCRYPT_FAIL +",\n" +
        // " \"message\": null,\n" +
        // " \"data\": []\n" +
        // "}");
        // 加密后的错误消息
        out.write("服务端加密异常");
        out.flush();
        out.close();
    }

    @Override
    public void destroy() {}

    @Override
    public void init(FilterConfig filterConfig) {
        excludes = Lists.newArrayList(Arrays.asList(excludeUrls));
        /*String excludesTemp = filterConfig.getInitParameter("excludes");
        if (!StrUtil.isEmpty(excludesTemp)) {
            String[] url = excludesTemp.split(",");
            excludes.addAll(Arrays.asList(url));
        }*/
    }

    private boolean handleExcludeUrl(HttpServletRequest request) {
        if (CollectionUtils.isEmpty(excludes)) {
            return false;
        }
        String url = request.getServletPath();
        for (String pattern : excludes) {
            Pattern p = Pattern.compile("^" + pattern);
            Matcher m = p.matcher(url);
            if (m.find()) {
                return true;
            }
        }
        return false;
    }

    /*public static void main(String[] args) {
        String str = "http://localhost:8094/onlinePreview?url=%s&fileName=filename.xx";
        String str2 = "http://localhost:8094/onlinePreview?";
        System.out.println(str.substring(str.indexOf("?") + 1));
        System.out.println(str2.substring(str2.indexOf("?") + 1));
    }*/
}

nac或者配置文件

emmp
  aesencrypt:
    key: MTIzNDU2Nzg5MEFC
    iv: QUJDRURGMDk4NzY1
    padding: AES/CBC/NoPadding
    defaultPadding: AES/CBC/PKCS5Padding
    #跳过加密的url  
    excludeUrl: .*/orc/.*,.*/oauth/getClickApplicationInfo,.*/epUiImgSaveAndAnalysisMultipartFile,.*/autoKeyword,.*/common/defaultKaptcha,.*/fastdfs/.*,.*/eempFastdfs/.*,.*/wikipediaApi/.*,.*/homepage/preview
    #是否参数加密,需要与前端保持一致  
    paramEncryptAble: true
    #结果是否进行加密,需要与前端保持一致 
    resultEncryptAble: true   

request response 处理

import lombok.extern.slf4j.Slf4j;

import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Vector;

/**
 * @version 1.0
 * @date 2021/12/16 14:42
 */
@Slf4j
public class RequestWrapper extends HttpServletRequestWrapper {
    private Map<String, String[]> params = new HashMap<>();

    private byte[] body;

    public RequestWrapper(HttpServletRequest request) {
        super(request);
        body = getBodyString(request).getBytes(StandardCharsets.UTF_8);
        //将参数表,赋予给当前的Map以便于持有request中的参数
        this.params.putAll(request.getParameterMap());

    }



    /**
     * 在获取所有的参数名,必须重写此方法,否则对象中参数值映射不上
     *
     * @return
     */
    @Override
    public Enumeration<String> getParameterNames() {
        return new Vector<>(params.keySet()).elements();
    }

    /**
     * 重写getParameter方法
     *
     * @param name 参数名
     * @return 返回参数值
     */
    @Override
    public String getParameter(String name) {
        String[] values = params.get(name);
        if (values == null || values.length == 0) {
            return null;
        }
        return values[0];
    }

    @Override
    public String[] getParameterValues(String name) {
        String[] values = params.get(name);
        if (values == null || values.length == 0) {
            return new String[]{};
        }
        return values;
    }

    /**
     * 增加多个参数
     *
     * @param otherParams 增加的多个参数
     */
    public void addAllParameters(Map<String, Object> otherParams) {
        for (Map.Entry<String, Object> entry : otherParams.entrySet()) {
            addParameter(entry.getKey(), entry.getValue());
        }
    }

    /**
     * 增加参数
     *
     * @param name  参数名
     * @param value 参数值
     */
    public void addParameter(String name, Object value) {
        if (value != null) {
            if (value instanceof String[]) {
                params.put(name, (String[]) value);
            } else if (value instanceof String) {
                params.put(name, new String[]{(String) value});
            } else {
                params.put(name, new String[]{String.valueOf(value)});
            }
        }
    }


    @Override
    public BufferedReader getReader() throws IOException {
        return new BufferedReader(new InputStreamReader(getInputStream()));
    }

    /**
     * 重写获取 输入流的方法,保证流可写可读多次
     *
     * @return ServletInputStream
     * @throws IOException IO异常
     */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream bs = new ByteArrayInputStream(body);
        return new ServletInputStream() {
            @Override
            public boolean isFinished() {
                return false;
            }

            @Override
            public boolean isReady() {
                return false;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
                log.info(readListener.toString());
            }

            @Override
            public int read() throws IOException {
                return bs.read();
            }
        };
    }

    public byte[] getBody() {
        return body;
    }

    public void setBody(byte[] body) {
        this.body = body;
    }

    public static String getBodyString(ServletRequest request) {
        StringBuilder sb = new StringBuilder();
        try (
                InputStream inputStream = request.getInputStream();
                BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
            ) {
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
        } catch (IOException e) {
            log.error("getBodyString IOException", e);
        }
        return sb.toString();
    }

}
import lombok.extern.slf4j.Slf4j;

import javax.servlet.ServletOutputStream;
import javax.servlet.WriteListener;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import java.io.*;

/**
 * @ClassName: ResponseWrapper
 * @Description:
 * @Date: 2022-04-11 10:41
 */
@Slf4j
public class ResponseWrapper extends HttpServletResponseWrapper {
    /**
     * @Description: 响应包装类
     * @Date: 2020/5/26 16:29
     */


    private ByteArrayOutputStream buffer = null;
    private ServletOutputStream out = null;
    private PrintWriter writer = null;

    public ResponseWrapper(HttpServletResponse response) throws IOException {
        super(response);
        buffer = new ByteArrayOutputStream();// 真正存储数据的流
        out = new WapperedOutputStream(buffer);
        writer = new PrintWriter(new OutputStreamWriter(buffer, this.getCharacterEncoding()));
    }

    /**
     * 重载父类获取outputstream的方法
     */
    @Override
    public ServletOutputStream getOutputStream() throws IOException {
        return out;
    }

    /**
     * 重载父类获取writer的方法
     */
    @Override
    public PrintWriter getWriter() throws UnsupportedEncodingException {
        return writer;
    }

    /**
     * 重载父类获取flushBuffer的方法
     */
    @Override
    public void flushBuffer() throws IOException {
        if (out != null) {
            out.flush();
        }
        if (writer != null) {
            writer.flush();
        }
    }

    @Override
    public void reset() {
        buffer.reset();
    }

    /**
     * 将out、writer中的数据强制输出到WapperedResponse的buffer里面,否则取不到数据
     */
    public byte[] getResponseData() throws IOException {
        flushBuffer();
        return buffer.toByteArray();
    }

    /**
     * 内部类,对ServletOutputStream进行包装
     */
    private class WapperedOutputStream extends ServletOutputStream {
        private ByteArrayOutputStream bos = null;

        public WapperedOutputStream(ByteArrayOutputStream stream) {
            bos = stream;
        }

        @Override
        public void write(int b) throws IOException {
            bos.write(b);
        }

        @Override
        public void write(byte[] b) throws IOException {
            bos.write(b, 0, b.length);
        }

        @Override
        public boolean isReady() {
            return false;
        }

        @Override
        public void setWriteListener(WriteListener writeListener) {
            log.info("writeListener");
        }
    }


}

1.3 注册过滤器

@Configuration
public class AesFilterConfig {

    @Bean
    public FilterRegistrationBean registerParamFilter(ParamResultFilter paramResultFilter) {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(paramResultFilter);
        registrationBean.setName("paramResultFilter");
        registrationBean.addUrlPatterns("/*");
        registrationBean.setOrder(2);
        return registrationBean;
    }

}

2、前端VUE 

npm install crypto-js

2.1aseKeConfig.js  AES+CBC 配置

export const AES_KEY = 'MTIzNDU2Nzg5MEFC'
export const AES_IV = 'QUJDRURGMDk4NzY1'
// 参数是否进行加密设置,需要与后端配置保持一致
export const PARAM_ENCRYPT_ABLE = true
// 结果是否进行加密
export const RESULT_ENCRYPT_ABLE = true
// 需要排除的不进行加密的接口,正则匹配
export const EXCLUE_PATH = ['.*/orc/.*', '.*/fastdfs/.*', '.*/eempFastdfs/.*', ',.*/homepage/preview', '.*oauth/getClickApplicationInfo', '.*/common/defaultKaptcha.*', '.*/autoKeyword$', '.*/getLayerCount$', '.*/getLayerInfoListByPage$',
  '.*/epUiImgSaveAndAnalysisMultipartFile$', '/v7/weather']

2.2加密解密工具类 aesSecretUtil.js

import CryptoJS from 'crypto-js'
import { AES_KEY, AES_IV, PARAM_ENCRYPT_ABLE, EXCLUE_PATH, RESULT_ENCRYPT_ABLE } from '../config/aesKeyConfig.js'
const key = CryptoJS.enc.Utf8.parse(AES_KEY) // 16位
const iv = CryptoJS.enc.Utf8.parse(AES_IV)
const excluePath = EXCLUE_PATH
const paramEncryptAble = PARAM_ENCRYPT_ABLE
const resultEncryptAble = RESULT_ENCRYPT_ABLE
/**
 * Description AES CBC BASE64加密解密
 * @author 
 * @date 13:38 2022/3/31
 */
export default {
  // aes加密
  encrypt(word) {
    let encrypted = ''
    if (typeof word === 'string') {
      const srcs = CryptoJS.enc.Utf8.parse(word)
      encrypted = CryptoJS.AES.encrypt(srcs, key, {
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.ZeroPadding
      })
    } else if (typeof word === 'object') {
      // 对象格式的转成json字符串
      const data = JSON.stringify(word)
      const srcs = CryptoJS.enc.Utf8.parse(data)
      encrypted = CryptoJS.AES.encrypt(srcs, key, {
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.ZeroPadding
      })
    }
    return CryptoJS.enc.Base64.stringify(encrypted.ciphertext)
  },
  // aes解密
  decrypt(word) {
    if (word) {
      let base64 = CryptoJS.enc.Base64.parse(word)
      let src = CryptoJS.enc.Base64.stringify(base64)
      var decrypt = CryptoJS.AES.decrypt(src, key, {
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.ZeroPadding
      })
      var decryptedStr = decrypt.toString(CryptoJS.enc.Utf8)
      return decryptedStr.toString()
    } else {
      return word
    }
  },
  // 判断url是否在匹配的正则表达式上,匹配则不进行加密,不配则需要加密
  checkIsExcluePath(url) {
    // 如果包含需要排除加密的接口返回true
    let flag = false
    for (let i = 0; i < excluePath.length; i++) {
      if (new RegExp('^' + excluePath[i]).test(url)) {
        flag = true
        break
      } else {
        flag = false
      }
    }
    return flag
  },
  // 判断是否请求需要进行加密,配置值true的时候需要加密否则不需要
  checkParamEncryptAble() {
    // console.log(encryptAble)
    return paramEncryptAble
  },
  // 判断是否只对结果进行加密
  checkResultEncryptAble() {
    // console.log(encryptAble)
    return resultEncryptAble
  }
}

2.3 http.js 处理get post 参数和返回加密解密

export function parseUrlToObj(url) {
  let firstLocation = url.indexOf("?")
  if (firstLocation > -1) {
    var reg = /([^?&=]+)=([^?&=]*)/g
    var obj = {}
    var subUrl = url.substring(firstLocation + 1)
    while (reg.exec(subUrl)) {
      obj[RegExp.$1] = RegExp.$2
    }
    return obj
  } else {
    return {}
  }
}
// 提取url
export function parseGetUrl(url) {
  let firstLocation = url.indexOf("?")
  if (firstLocation > -1) {
    return url.substring(0, firstLocation)
  } else {
    return url
  }
}
// 封装axios的get请求
export function get(url, params, Origin, openLoading) {
  axios.defaults.baseURL = oldUrl
  if (Origin) {
    axios.defaults.baseURL = Origin
  }
  var uri = parseGetUrl(url)
  var parseParam = parseUrlToObj(url)
  Object.assign(parseParam, params)
  // 是否排除在外的接口
  var isExclueUrl = secret.checkIsExcluePath(uri)
  // 是否进行参数加密
  var paramEncryptFlag = !isExclueUrl && secret.checkParamEncryptAble()
  var resultEncryptFlag = secret.checkResultEncryptAble()
  console.log('加密前参数', parseParam)
  if (paramEncryptFlag) {
    parseParam = secret.encrypt(parseParam)
  }
  return new Promise((resolve, reject) => {
    axios
      .get(uri, {
        params: parseParam,
        headers: {
          'Access-Control-Allow-Origin': '*',
          'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8',
          'Product': 'Advanced'
        }
      })
      .then(response => {
        // 排除在外的不解密
        if (isExclueUrl) {
          resolve(response.data)
        } else {
          if (resultEncryptFlag) {
            console.log(JSON.parse(secret.decrypt(response.data)), '----解密结果')
            resolve(JSON.parse(secret.decrypt(response.data)))
          } else {
            resolve(response.data)
          }
        }
      })
      .catch(error => {
        reject(error)
      })
  })
}
// 封装axios的简单get请求,应对header自定义
export function simpleGet(url, params, Origin, header) {
  axios.defaults.baseURL = oldUrl
  if (Origin) {
    axios.defaults.baseURL = Origin
  }
  if (header) {
    Object.assign(header, {
      'Access-Control-Allow-Origin': '*',
      'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8'
    })
  } else {
    header = {}
  }

  return new Promise((resolve, reject) => {
    axios
      .get(url, {
        params: params,
        headers: header
      })
      .then(response => {
        resolve(response.data)
      })
      .catch(error => {
        reject(error)
      })
  })
}
// 封装axios的post请求
export function post(url, data = {}, Origin, openLoading, timeout) {
  axios.defaults.baseURL = oldUrl
  // 判断是否排除在外的加密url和是否加密配置
  // 处理url后方有参数,使用Post接口的情况
  var uri = parseGetUrl(url)
  var parseParam = parseUrlToObj(url)
  Object.assign(data, parseParam)
  // 是否排除在外的接口
  var isExclueUrl = secret.checkIsExcluePath(uri)
  // 是否进行参数加密
  var paramEncryptFlag = !isExclueUrl && secret.checkParamEncryptAble()
  var resultEncryptFlag = secret.checkResultEncryptAble()
  console.log('加密前参数', data)
  if (paramEncryptFlag) {
    data = secret.encrypt(data)
  }
  if (Origin) {
    axios.defaults.baseURL = Origin
  }
  axios.defaults.timeout = oldTimeout
  if (timeout) {
    axios.defaults.timeout = timeout
  }
  return new Promise((resolve, reject) => {
    axios
      .post(uri, data)
      .then(response => {
        // 排除在外的不解密
        if (isExclueUrl) {
          resolve(response.data)
        } else {
          if (resultEncryptFlag) {
            console.log(JSON.parse(secret.decrypt(response.data)), '----解密结果')
            resolve(JSON.parse(secret.decrypt(response.data)))
          } else {
            resolve(response.data)
          }
        }
      })
      .catch(error => {
        reject(error)
      })
  })
}

效果前端参数加密

返回加密解密

Logo

前往低代码交流专区

更多推荐