iven/hms
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(mp): Phase 0 基础设施修复 — secureGet 解密 + Storage 一致性

Browse Source 
- secureGet: 移除错误的 startsWith 条件,始终尝试 XOR 解密
- request.ts: current_patient_id 读取改用 safeGet,清理改用 secureRemove
- health.ts: getTodaySummary 使用 getCachedPatientId 替代直接 Storage
- auth.ts: analytics_queue 清理改用明文 Taro.removeStorageSync
This commit is contained in:
iven
2026-05-21 16:13:43 +08:00
parent 43795b2fb7
commit 23f7bcb8ce
4 changed files with 16 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/miniprogram/src/services/health.ts
View File

@@ -1,5 +1,5 @@
import Taro from '@tarojs/taro'; import Taro from '@tarojs/taro';
import { api } from './request'; import { api, getCachedPatientId } from './request';
export interface VitalSignInput { export interface VitalSignInput {
indicator_type: string; indicator_type: string;
@@ -17,7 +17,7 @@ export interface TodaySummary {
} }
export async function getTodaySummary(patientId?: string) { export async function getTodaySummary(patientId?: string) {
const pid = patientId || Taro.getStorageSync('current_patient_id') || ''; const pid = patientId || getCachedPatientId() || '';
const params: Record<string, string> = {}; const params: Record<string, string> = {};
if (pid) params.patient_id = pid; if (pid) params.patient_id = pid;
return api.get<TodaySummary>('/health/vital-signs/today', params); return api.get<TodaySummary>('/health/vital-signs/today', params);

6
apps/miniprogram/src/services/request.ts
View File

@@ -146,7 +146,7 @@ function refreshHeadersCache(): void {
cachedToken = safeGet('access_token'); cachedToken = safeGet('access_token');
cachedTenantId = safeGet('tenant_id'); cachedTenantId = safeGet('tenant_id');
if (!responseCache.getPatientId()) { if (!responseCache.getPatientId()) {
responseCache.setPatientId(Taro.getStorageSync('current_patient_id') || ''); responseCache.setPatientId(safeGet('current_patient_id') || '');
} }
headersCacheTs = Date.now(); headersCacheTs = Date.now();
} }
@@ -214,8 +214,8 @@ async function doRefresh(): Promise<boolean> {
secureRemove('user_roles'); secureRemove('user_roles');
secureRemove('tenant_id'); secureRemove('tenant_id');
secureRemove('wechat_openid'); secureRemove('wechat_openid');
Taro.removeStorageSync('current_patient'); secureRemove('current_patient');
Taro.removeStorageSync('current_patient_id'); secureRemove('current_patient_id');
clearRequestCache(); clearRequestCache();
responseCache.setPatientId(''); responseCache.setPatientId('');
headersCacheTs = 0; headersCacheTs = 0;

3
apps/miniprogram/src/stores/auth.ts
View File

@@ -263,7 +263,8 @@ export const useAuthStore = create<AuthState>((set, get) => ({
secureRemove('wechat_openid'); secureRemove('wechat_openid');
secureRemove('current_patient'); secureRemove('current_patient');
secureRemove('current_patient_id'); secureRemove('current_patient_id');
secureRemove('analytics_queue'); // analytics_queue 使用明文存储analytics.ts STORAGE_KEY = 'analytics_queue'
Taro.removeStorageSync('analytics_queue');
secureRemove('edit_patient'); secureRemove('edit_patient');
secureRemove('ai_chat_history'); secureRemove('ai_chat_history');
// 清理 BLE DataBuffer 缓存key 格式ble_buffer_{patientId}_{bucket} // 清理 BLE DataBuffer 缓存key 格式ble_buffer_{patientId}_{bucket}

17
apps/miniprogram/src/utils/secure-storage.ts
View File

@@ -57,16 +57,17 @@ export function secureGet(key: string): string {
const raw = Taro.getStorageSync(prefixedKey); const raw = Taro.getStorageSync(prefixedKey);
if (!raw || typeof raw !== 'string') return ''; if (!raw || typeof raw !== 'string') return '';
if (raw.startsWith('{') || raw.startsWith('eyJ')) { // 始终尝试 base64 解码 + XOR 解密secureSet 的写入格式)
try { try {
const decoded = fromBase64(raw); const decoded = fromBase64(raw);
if (decoded) { if (decoded) {
return xorEncrypt(decoded, ENCRYPTION_KEY); return xorEncrypt(decoded, ENCRYPTION_KEY);
}
} catch {
// fallthrough
} }
} catch {
// fallthrough — 可能是未加密的旧数据
} }
// fallback: 兼容未加密的旧数据(明文 JSON/JWT 或其他值)
return raw; return raw;
} }