diff --git a/apps/miniprogram/src/services/health.ts b/apps/miniprogram/src/services/health.ts
index 80f9622..8d7b108 100644
--- a/apps/miniprogram/src/services/health.ts
+++ b/apps/miniprogram/src/services/health.ts
@@ -1,5 +1,5 @@
 import Taro from '@tarojs/taro';
-import { api } from './request';
+import { api, getCachedPatientId } from './request';
 export interface VitalSignInput {
 indicator_type: string;
@@ -17,7 +17,7 @@ export interface TodaySummary {
 }
 export async function getTodaySummary(patientId?: string) {
- const pid = patientId || Taro.getStorageSync('current_patient_id') || '';
+ const pid = patientId || getCachedPatientId() || '';
 const params: Record = {};
 if (pid) params.patient_id = pid;
 return api.get('/health/vital-signs/today', params);
diff --git a/apps/miniprogram/src/services/request.ts b/apps/miniprogram/src/services/request.ts
index 2d61df4..dc7444b 100644
--- a/apps/miniprogram/src/services/request.ts
+++ b/apps/miniprogram/src/services/request.ts
@@ -146,7 +146,7 @@ function refreshHeadersCache(): void {
 cachedToken = safeGet('access_token');
 cachedTenantId = safeGet('tenant_id');
 if (!responseCache.getPatientId()) {
- responseCache.setPatientId(Taro.getStorageSync('current_patient_id') || '');
+ responseCache.setPatientId(safeGet('current_patient_id') || '');
 }
 headersCacheTs = Date.now();
 }
@@ -214,8 +214,8 @@ async function doRefresh(): Promise {
 secureRemove('user_roles');
 secureRemove('tenant_id');
 secureRemove('wechat_openid');
- Taro.removeStorageSync('current_patient');
- Taro.removeStorageSync('current_patient_id');
+ secureRemove('current_patient');
+ secureRemove('current_patient_id');
 clearRequestCache();
 responseCache.setPatientId('');
 headersCacheTs = 0;
diff --git a/apps/miniprogram/src/stores/auth.ts b/apps/miniprogram/src/stores/auth.ts
index 09f9d8b..3b0ff3a 100644
--- a/apps/miniprogram/src/stores/auth.ts
+++ b/apps/miniprogram/src/stores/auth.ts
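Review bot: The `pid` line in `getTodaySummary` now takes the patient scope from `getCachedPatientId()`, an in-memory cache whose lifecycle is not documented at this call site. The request.ts context lines in this diff show the cache being filled inside `refreshHeadersCache` only when it is empty, which suggests that a call made before the first refresh sends no `patient_id`, and that a patient switch which updates storage without calling `responseCache.setPatientId` keeps sending the previous id. For a vital-signs endpoint either case can present readings under the wrong patient context, so I would add a comment above the `pid` line such as `// patient_id comes from the in-memory cache in request.ts; a patient switch must call responseCache.setPatientId()`, and confirm what the server does when `patient_id` is absent. The closing brace of `getTodaySummary` lies outside the hunk.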
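Review bot: Switching `current_patient` and `current_patient_id` from the raw `Taro.*StorageSync` calls to `safeGet`/`secureRemove` changes which storage key is touched if the secure helpers namespace their keys, as the `prefixedKey` read in `secureGet` (secure-storage.ts, same diff) suggests. If any released build wrote these values under the bare key, they are no longer read in `refreshHeadersCache` and no longer deleted in `doRefresh`, so a plaintext patient identifier can remain on the device after the session is torn down. During the migration window I would keep the bare-key cleanup after the two new `secureRemove` lines in `doRefresh`, i.e. `Taro.removeStorageSync('current_patient'); Taro.removeStorageSync('current_patient_id');`, with a comment saying when it can be dropped. `doRefresh` starts and ends outside its hunk and the code that writes these keys is not part of this diff, so this needs checking against it.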
@@ -263,7 +263,8 @@ export const useAuthStore = create((set, get) => ({
 secureRemove('wechat_openid');
 secureRemove('current_patient');
 secureRemove('current_patient_id');
- secureRemove('analytics_queue');
+ // analytics_queue 使用明文存储(analytics.ts STORAGE_KEY = 'analytics_queue')
+ Taro.removeStorageSync('analytics_queue');
 secureRemove('edit_patient');
 secureRemove('ai_chat_history');
 // 清理 BLE DataBuffer 缓存(key 格式:ble_buffer_{patientId}_{bucket})
diff --git a/apps/miniprogram/src/utils/secure-storage.ts b/apps/miniprogram/src/utils/secure-storage.ts
index d4ddcda..70479a5 100644
--- a/apps/miniprogram/src/utils/secure-storage.ts
+++ b/apps/miniprogram/src/utils/secure-storage.ts
@@ -57,16 +57,17 @@ export function secureGet(key: string): string {
 const raw = Taro.getStorageSync(prefixedKey);
 if (!raw || typeof raw !== 'string') return '';
- if (raw.startsWith('{') || raw.startsWith('eyJ')) {
- try {
- const decoded = fromBase64(raw);
- if (decoded) {
- return xorEncrypt(decoded, ENCRYPTION_KEY);
- }
- } catch {
- // fallthrough
+ // 始终尝试 base64 解码 + XOR 解密(secureSet 的写入格式)
+ try {
+ const decoded = fromBase64(raw);
+ if (decoded) {
+ return xorEncrypt(decoded, ENCRYPTION_KEY);
 }
+ } catch {
+ // fallthrough — 可能是未加密的旧数据
 }
+
+ // fallback: 兼容未加密的旧数据(明文 JSON/JWT 或其他值)
 return raw;
 }
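Review bot: The added `Taro.removeStorageSync('analytics_queue')` is the only raw storage call visible in this cleanup sequence and repeats as a literal a key that, per the added comment, analytics.ts owns as `STORAGE_KEY`. Importing that constant (if analytics.ts exports it) would keep the two from drifting; a mismatch here fails silently and leaves the queue on the device after the session data is cleared. `Taro.removeStorageSync` can throw, and whether `secureRemove` swallows storage errors is not visible here; if it does, guard this call the same way so a failure cannot skip the `edit_patient`, `ai_chat_history` and BLE buffer cleanup that follows. Because the queue is stored in plaintext, it is also worth confirming that queued events carry no patient identifiers. The enclosing function starts and ends outside the hunk.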
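Review bot: With the `startsWith` guard removed, `secureGet` returns `xorEncrypt(decoded, ENCRYPTION_KEY)` for every stored string that `fromBase64` accepts, so the plaintext fallback `return raw;` is reached only when decoding throws or yields an empty value. A legacy plaintext value that happens to decode (an alphanumeric id, or a JWT if `fromBase64` is lenient about non-alphabet characters; its implementation is outside this hunk) would come back as XOR output instead of the original, and XOR with a fixed key offers no integrity check to detect that. Since this commit also reads `current_patient_id` through `safeGet`, which presumably wraps `secureGet`, such a value could reach request parameters. I would have `secureSet` write an explicit format marker and decode only when it is present, for example `if (!raw.startsWith('enc1:')) return raw;` before the `try`, where `enc1:` is a constructed tag and values already stored without it need a one-time migration. The comment on the `try` could also state that this is obfuscation rather than encryption if `ENCRYPTION_KEY` is bundled with the client.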