From 23f7bcb8cecc1c73b540ce98f0997a9eedbbda26 Mon Sep 17 00:00:00 2001
From: iven
Date: Thu, 21 May 2026 16:13:43 +0800
Subject: [PATCH] =?UTF-8?q?fix(mp):=20Phase=200=20=E5=9F=BA=E7=A1=80?=
 =?UTF-8?q?=E8=AE=BE=E6=96=BD=E4=BF=AE=E5=A4=8D=20=E2=80=94=20secureGet=20?=
 =?UTF-8?q?=E8=A7=A3=E5=AF=86=20+=20Storage=20=E4=B8=80=E8=87=B4=E6=80=A7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- secureGet: 移除错误的 startsWith 条件,始终尝试 XOR 解密
- request.ts: current_patient_id 读取改用 safeGet,清理改用 secureRemove
- health.ts: getTodaySummary 使用 getCachedPatientId 替代直接 Storage
- auth.ts: analytics_queue 清理改用明文 Taro.removeStorageSync
---
 apps/miniprogram/src/services/health.ts | 4 ++--
 apps/miniprogram/src/services/request.ts | 6 +++---
 apps/miniprogram/src/stores/auth.ts | 3 ++-
 apps/miniprogram/src/utils/secure-storage.ts | 17 +++++++++--------
 4 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/apps/miniprogram/src/services/health.ts b/apps/miniprogram/src/services/health.ts
index 80f9622..8d7b108 100644
--- a/apps/miniprogram/src/services/health.ts
+++ b/apps/miniprogram/src/services/health.ts
@@ -1,5 +1,5 @@
 import Taro from '@tarojs/taro';
-import { api } from './request';
+import { api, getCachedPatientId } from './request';
 
 export interface VitalSignInput {
 indicator_type: string;
@@ -17,7 +17,7 @@ export interface TodaySummary {
 }
 
 export async function getTodaySummary(patientId?: string) {
- const pid = patientId || Taro.getStorageSync('current_patient_id') || '';
+ const pid = patientId || getCachedPatientId() || '';
 const params: Record = {};
 if (pid) params.patient_id = pid;
 return api.get('/health/vital-signs/today', params);
diff --git a/apps/miniprogram/src/services/request.ts b/apps/miniprogram/src/services/request.ts
index 2d61df4..dc7444b 100644
--- a/apps/miniprogram/src/services/request.ts
+++ b/apps/miniprogram/src/services/request.ts
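Review bot: `getTodaySummary` carries no doc comment, and the new fallback chain `patientId || getCachedPatientId() || ''` now silently depends on request.ts's in-memory patient cache rather than storage, which a caller cannot see from the signature; a TSDoc along the lines of `/** Today's vital-sign summary. When patientId is omitted, falls back to the cached current patient id; if neither is known the patient_id param is left out entirely. */` would make that explicit. `getCachedPatientId` is imported but not defined in this patch, and the request.ts hunk shows the cache is only populated from storage inside refreshHeadersCache when it is empty, so presumably this can return '' before that refresh has run — worth confirming against the caller. The context line `import Taro from '@tarojs/taro';` survives although the only visible use of Taro in this file was just removed; if it was the last one, the import is now dead and should go.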
@@ -146,7 +146,7 @@ function refreshHeadersCache(): void {
 cachedToken = safeGet('access_token');
 cachedTenantId = safeGet('tenant_id');
 if (!responseCache.getPatientId()) {
- responseCache.setPatientId(Taro.getStorageSync('current_patient_id') || '');
+ responseCache.setPatientId(safeGet('current_patient_id') || '');
 }
 headersCacheTs = Date.now();
 }
@@ -214,8 +214,8 @@ async function doRefresh(): Promise {
 secureRemove('user_roles');
 secureRemove('tenant_id');
 secureRemove('wechat_openid');
- Taro.removeStorageSync('current_patient');
- Taro.removeStorageSync('current_patient_id');
+ secureRemove('current_patient');
+ secureRemove('current_patient_id');
 clearRequestCache();
 responseCache.setPatientId('');
 headersCacheTs = 0;
diff --git a/apps/miniprogram/src/stores/auth.ts b/apps/miniprogram/src/stores/auth.ts
index 09f9d8b..3b0ff3a 100644
--- a/apps/miniprogram/src/stores/auth.ts
+++ b/apps/miniprogram/src/stores/auth.ts
@@ -263,7 +263,8 @@ export const useAuthStore = create((set, get) => ({
 secureRemove('wechat_openid');
 secureRemove('current_patient');
 secureRemove('current_patient_id');
- secureRemove('analytics_queue');
+ // analytics_queue 使用明文存储(analytics.ts STORAGE_KEY = 'analytics_queue')
+ Taro.removeStorageSync('analytics_queue');
 secureRemove('edit_patient');
 secureRemove('ai_chat_history');
 // 清理 BLE DataBuffer 缓存(key 格式:ble_buffer_{patientId}_{bucket})
diff --git a/apps/miniprogram/src/utils/secure-storage.ts b/apps/miniprogram/src/utils/secure-storage.ts
index d4ddcda..70479a5 100644
--- a/apps/miniprogram/src/utils/secure-storage.ts
+++ b/apps/miniprogram/src/utils/secure-storage.ts
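Review bot: Replacing `Taro.removeStorageSync('current_patient')` / `Taro.removeStorageSync('current_patient_id')` with `secureRemove(...)` stops clearing the bare, unprefixed keys that the old code read and deleted; if secureRemove addresses the prefixed key the way secureGet does (it reads `prefixedKey` in secure-storage.ts), any plaintext patient data already sitting under the bare names on installed devices survives a failed token refresh and is never purged. Keep both `Taro.removeStorageSync` lines next to the new `secureRemove` calls for at least one release, with a comment such as `// legacy unprefixed keys written before secure storage; drop after migration`. doRefresh's signature and the rest of its body lie outside this hunk.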
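Review bot: Hard-coding both the key name and the storage primitive for analytics_queue in the logout path recreates exactly the read/write mismatch this commit is fixing elsewhere — if analytics.ts ever switches its STORAGE_KEY to secureSet, this `Taro.removeStorageSync('analytics_queue')` silently stops clearing it and no type or test will notice. Have analytics.ts own its cleanup, `export function clearAnalyticsQueue(): void { Taro.removeStorageSync(STORAGE_KEY); }`, and call `clearAnalyticsQueue();` here so the key and its storage mode stay defined in one place. The comment tying the mode to analytics.ts is a reasonable stopgap if that refactor is deferred. The enclosing useAuthStore definition starts and ends outside the hunk.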
@@ -57,16 +57,17 @@ export function secureGet(key: string): string {
 const raw = Taro.getStorageSync(prefixedKey);
 if (!raw || typeof raw !== 'string') return '';
 
- if (raw.startsWith('{') || raw.startsWith('eyJ')) {
- try {
- const decoded = fromBase64(raw);
- if (decoded) {
- return xorEncrypt(decoded, ENCRYPTION_KEY);
- }
- } catch {
- // fallthrough
+ // 始终尝试 base64 解码 + XOR 解密(secureSet 的写入格式)
+ try {
+ const decoded = fromBase64(raw);
+ if (decoded) {
+ return xorEncrypt(decoded, ENCRYPTION_KEY);
 }
+ } catch {
+ // fallthrough — 可能是未加密的旧数据
 }
+
+ // fallback: 兼容未加密的旧数据(明文 JSON/JWT 或其他值)
 return raw;
 }
 
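Review bot: Unconditionally base64-decoding `raw` means a legacy plaintext value that happens to be valid base64 — an alphanumeric patient id, a numeric string — is decoded, XOR-ed with ENCRYPTION_KEY and handed back as garbage, so the `return raw` fallback only fires when fromBase64 throws or yields an empty string, which is far narrower than the comment's promise of compatibility with unencrypted old data. Whether fromBase64 throws on non-base64 input is not visible in this hunk, so the exact set of misread values cannot be pinned down here. Make the stored format self-describing instead of guessing: have secureSet emit a marker, e.g. `return ENC_PREFIX + toBase64(xorEncrypt(value, ENCRYPTION_KEY));`, and branch on it here with `if (!raw.startsWith(ENC_PREFIX)) return raw; // legacy plaintext` before attempting any decode. Note also that a static XOR key compiled into the bundle is obfuscation, not encryption, so nothing in this function should be relied on to protect access_token at rest. secureGet's signature and the construction of prefixedKey are above the hunk.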