fix(miniprogram): 小程序审计修复 — 安全加固+功能链路+输入验证
安全修复: - H1: Token 刷新竞态条件 → Singleton Promise 模式防止并发刷新 - H4: 移除 store 中的 token 明文状态,统一走 secure storage - H5: 登录/绑定手机号添加 loading 防重复点击保护 - H6: Analytics 改用 request.ts 统一请求层,不再绕过认证 - M1: logout 清理所有残留数据(openid/tenant_id/analytics_queue) - M2/M7: 敏感数据(user/openid/tenant_id)统一走加密存储 - M3: 移除开发日志中的请求体打印 - M4: secure-storage 解密失败返回 null 而非空串 功能修复: - F1: 今日体征概览 API 支持 patient_id 查询参数(后端+前端) - F2: 积分商城对无患者档案用户展示引导 UI - M6: daily-monitoring 添加 Zod 数值范围验证 清理: - L4: 移除 devLogin 开发辅助函数
This commit is contained in:
iven
@@ -1,11 +1,17 @@
|
||||
import { useState } from 'react';
|
||||
import { View, Text, Input, Picker } from '@tarojs/components';
|
||||
import Taro, { useDidShow } from '@tarojs/taro';
|
||||
import { z } from 'zod';
|
||||
import { createDailyMonitoring } from '@/services/health';
|
||||
import { useAuthStore } from '@/stores/auth';
|
||||
import { trackEvent } from '@/services/analytics';
|
||||
import './index.scss';
|
||||
|
||||
const bpSchema = z.number().min(30, '血压值不能低于30').max(300, '血压值不能高于300').optional();
|
||||
const weightSchema = z.number().min(1, '体重不能低于1kg').max(500, '体重不能高于500kg').optional();
|
||||
const bloodSugarSchema = z.number().min(0.1, '血糖值不能低于0.1').max(50, '血糖值不能高于50').optional();
|
||||
const volumeSchema = z.number().min(0, '数值不能为负').max(10000, '数值超出合理范围').optional();
|
||||
|
||||
function formatDate(date: Date): string {
|
||||
const y = date.getFullYear();
|
||||
const m = String(date.getMonth() + 1).padStart(2, '0');
|
||||
@@ -81,6 +87,40 @@ export default function DailyMonitoring() {
|
||||
return;
|
||||
}
|
||||
|
||||
// Zod 验证数值范围
|
||||
const parseNum = (v: string) => v ? parseFloat(v) : undefined;
|
||||
const fields = {
|
||||
morningSystolic: parseNum(morningSystolic),
|
||||
morningDiastolic: parseNum(morningDiastolic),
|
||||
eveningSystolic: parseNum(eveningSystolic),
|
||||
eveningDiastolic: parseNum(eveningDiastolic),
|
||||
weight: parseNum(weight),
|
||||
bloodSugar: parseNum(bloodSugar),
|
||||
fluidIntake: parseNum(fluidIntake),
|
||||
urineOutput: parseNum(urineOutput),
|
||||
};
|
||||
|
||||
const validations: Array<[z.ZodTypeAny, number | undefined, string]> = [
|
||||
[bpSchema, fields.morningSystolic, '晨起收缩压'],
|
||||
[bpSchema, fields.morningDiastolic, '晨起舒张压'],
|
||||
[bpSchema, fields.eveningSystolic, '晚间收缩压'],
|
||||
[bpSchema, fields.eveningDiastolic, '晚间舒张压'],
|
||||
[weightSchema, fields.weight, '体重'],
|
||||
[bloodSugarSchema, fields.bloodSugar, '血糖'],
|
||||
[volumeSchema, fields.fluidIntake, '饮水量'],
|
||||
[volumeSchema, fields.urineOutput, '尿量'],
|
||||
];
|
||||
|
||||
for (const [schema, value, label] of validations) {
|
||||
if (value !== undefined) {
|
||||
const result = schema.safeParse(value);
|
||||
if (!result.success) {
|
||||
Taro.showToast({ title: `${label}: ${result.error.errors[0].message}`, icon: 'none' });
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
setSubmitting(true);
|
||||
try {
|
||||
await createDailyMonitoring({
|
||||
|
||||
@@ -8,6 +8,7 @@ import {
|
||||
listProducts,
|
||||
} from '../../services/points';
|
||||
import type { PointsAccount, PointsProduct, CheckinStatus } from '../../services/points';
|
||||
import { useAuthStore } from '../../stores/auth';
|
||||
import EmptyState from '../../components/EmptyState';
|
||||
import Loading from '../../components/Loading';
|
||||
import './index.scss';
|
||||
@@ -26,6 +27,7 @@ const TYPE_COLORS: Record<string, string> = {
|
||||
};
|
||||
|
||||
export default function Mall() {
|
||||
const { currentPatient } = useAuthStore();
|
||||
const [account, setAccount] = useState<PointsAccount | null>(null);
|
||||
const [checkinStatus, setCheckinStatus] = useState<CheckinStatus | null>(null);
|
||||
const [products, setProducts] = useState<PointsProduct[]>([]);
|
||||
@@ -34,9 +36,15 @@ export default function Mall() {
|
||||
const [total, setTotal] = useState(0);
|
||||
const [loading, setLoading] = useState(false);
|
||||
const [checkinLoading, setCheckinLoading] = useState(false);
|
||||
const [noProfile, setNoProfile] = useState(false);
|
||||
const loadingRef = useRef(false);
|
||||
|
||||
const fetchAccountAndCheckin = useCallback(async () => {
|
||||
if (!currentPatient) {
|
||||
setNoProfile(true);
|
||||
return;
|
||||
}
|
||||
setNoProfile(false);
|
||||
try {
|
||||
const [acct, status] = await Promise.all([
|
||||
getAccount(),
|
||||
@@ -45,9 +53,9 @@ export default function Mall() {
|
||||
setAccount(acct);
|
||||
setCheckinStatus(status);
|
||||
} catch {
|
||||
// 账户可能尚未创建,静默处理
|
||||
// 账户可能尚未创建
|
||||
}
|
||||
}, []);
|
||||
}, [currentPatient]);
|
||||
|
||||
const fetchProducts = useCallback(
|
||||
async (pageNum: number, type: string, isRefresh = false) => {
|
||||
@@ -144,6 +152,21 @@ export default function Mall() {
|
||||
|
||||
return (
|
||||
<View className='mall-page'>
|
||||
{/* 未关联患者档案时显示引导 */}
|
||||
{noProfile && (
|
||||
<View className='mall-page'>
|
||||
<EmptyState
|
||||
icon='👤'
|
||||
text='请先完善个人档案'
|
||||
hint='建档后即可使用积分商城、签到等功能'
|
||||
actionText='去建档'
|
||||
onAction={() => Taro.navigateTo({ url: '/pages/profile/family-add/index' })}
|
||||
/>
|
||||
</View>
|
||||
)}
|
||||
|
||||
{!noProfile && (
|
||||
<>
|
||||
{/* 积分余额卡片 */}
|
||||
<View className='mall-header'>
|
||||
<View className='points-card'>
|
||||
@@ -239,6 +262,8 @@ export default function Mall() {
|
||||
)}
|
||||
</View>
|
||||
)}
|
||||
</>
|
||||
)}
|
||||
</View>
|
||||
);
|
||||
}
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
import Taro from '@tarojs/taro';
|
||||
import { api } from './request';
|
||||
import { secureGet } from '@/utils/secure-storage';
|
||||
|
||||
type EventName =
|
||||
| 'page_view'
|
||||
@@ -36,7 +38,11 @@ function setQueue(queue: AnalyticsEvent[]): void {
|
||||
}
|
||||
|
||||
export function trackEvent(event: EventName | string, properties?: Record<string, unknown>): void {
|
||||
const userId = Taro.getStorageSync('user')?.id;
|
||||
let userId: string | undefined;
|
||||
try {
|
||||
const raw = secureGet('user_data');
|
||||
userId = raw ? JSON.parse(raw).id : undefined;
|
||||
} catch { /* ignore */ }
|
||||
const patientId = Taro.getStorageSync('current_patient_id');
|
||||
|
||||
const evt: AnalyticsEvent = {
|
||||
@@ -64,12 +70,7 @@ export async function flushEvents(): Promise<void> {
|
||||
setQueue([]);
|
||||
|
||||
try {
|
||||
const BASE_URL = process.env.TARO_APP_API_URL || 'http://localhost:3000/api/v1';
|
||||
await Taro.request({
|
||||
url: `${BASE_URL}/analytics/batch`,
|
||||
method: 'POST',
|
||||
data: { events: batch },
|
||||
});
|
||||
await api.post('/analytics/batch', { events: batch });
|
||||
} catch {
|
||||
// 发送失败,回填队列
|
||||
const current = getQueue();
|
||||
|
||||
@@ -42,8 +42,3 @@ export async function wechatBindPhone(openid: string, encryptedData: string, iv:
|
||||
export async function getPatients() {
|
||||
return api.get<PatientInfo[]>('/health/patients');
|
||||
}
|
||||
|
||||
/** 开发模式:用户名密码直登 */
|
||||
export async function devLogin(username: string, password: string) {
|
||||
return api.post<LoginResp['token']>('/auth/login', { username, password });
|
||||
}
|
||||
|
||||
@@ -15,8 +15,10 @@ export interface TodaySummary {
|
||||
weight?: { value: number; status: string; reference_range?: string };
|
||||
}
|
||||
|
||||
export async function getTodaySummary() {
|
||||
return api.get<TodaySummary>('/health/vital-signs/today');
|
||||
export async function getTodaySummary(patientId?: string) {
|
||||
const params: Record<string, string> = {};
|
||||
if (patientId) params.patient_id = patientId;
|
||||
return api.get<TodaySummary>('/health/vital-signs/today', params);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -16,12 +16,21 @@ async function getHeaders(): Promise<Record<string, string>> {
|
||||
if (token) headers['Authorization'] = `Bearer ${token}`;
|
||||
const patientId = Taro.getStorageSync('current_patient_id');
|
||||
if (patientId) headers['X-Patient-Id'] = patientId;
|
||||
const tenantId = Taro.getStorageSync('tenant_id');
|
||||
const tenantId = secureGet('tenant_id');
|
||||
if (tenantId) headers['X-Tenant-Id'] = tenantId;
|
||||
return headers;
|
||||
}
|
||||
|
||||
let refreshPromise: Promise<boolean> | null = null;
|
||||
|
||||
async function tryRefreshToken(): Promise<boolean> {
|
||||
if (refreshPromise) return refreshPromise;
|
||||
refreshPromise = doRefresh();
|
||||
refreshPromise.finally(() => { refreshPromise = null; });
|
||||
return refreshPromise;
|
||||
}
|
||||
|
||||
async function doRefresh(): Promise<boolean> {
|
||||
const refreshToken = secureGet('refresh_token');
|
||||
if (!refreshToken) return false;
|
||||
try {
|
||||
@@ -35,8 +44,8 @@ async function tryRefreshToken(): Promise<boolean> {
|
||||
secureSet('refresh_token', res.data.data.refresh_token);
|
||||
return true;
|
||||
}
|
||||
} catch (err) {
|
||||
console.error('[tryRefreshToken] token 刷新失败:', err);
|
||||
} catch {
|
||||
// token 刷新失败
|
||||
}
|
||||
secureRemove('access_token');
|
||||
secureRemove('refresh_token');
|
||||
@@ -47,7 +56,7 @@ export async function request<T>(method: string, path: string, data?: unknown):
|
||||
const headers = await getHeaders();
|
||||
const url = `${BASE_URL}${path}`;
|
||||
if (IS_DEV) {
|
||||
console.log(`[API] ${method} ${path}`, data ?? '');
|
||||
console.log(`[API] ${method} ${path}`);
|
||||
}
|
||||
const res = await Taro.request({ url, method: method as any, data, header: headers, timeout: 30000 });
|
||||
if (IS_DEV) {
|
||||
|
||||
@@ -10,8 +10,6 @@ interface BindPhoneResp {
|
||||
}
|
||||
|
||||
interface AuthState {
|
||||
token: string | null;
|
||||
refreshToken: string | null;
|
||||
user: { id: string; username: string; display_name?: string; phone?: string; tenant_id?: string } | null;
|
||||
roles: string[];
|
||||
currentPatient: authApi.PatientInfo | null;
|
||||
@@ -25,11 +23,10 @@ interface AuthState {
|
||||
logout: () => void;
|
||||
restore: () => void;
|
||||
isMedicalStaff: () => boolean;
|
||||
hasPatientProfile: () => boolean;
|
||||
}
|
||||
|
||||
export const useAuthStore = create<AuthState>((set, get) => ({
|
||||
token: null,
|
||||
refreshToken: null,
|
||||
user: null,
|
||||
roles: [],
|
||||
currentPatient: null,
|
||||
@@ -41,31 +38,36 @@ export const useAuthStore = create<AuthState>((set, get) => ({
|
||||
return roles.some((r) => r === 'doctor' || r === 'nurse' || r === 'admin');
|
||||
},
|
||||
|
||||
hasPatientProfile: () => {
|
||||
return !!get().currentPatient;
|
||||
},
|
||||
|
||||
restore: () => {
|
||||
const token = secureGet('access_token') || null;
|
||||
const refreshToken = secureGet('refresh_token') || null;
|
||||
const user = Taro.getStorageSync('user') || null;
|
||||
const roles = Taro.getStorageSync('user_roles') || [];
|
||||
const currentPatient = Taro.getStorageSync('current_patient') || null;
|
||||
set({ token, refreshToken, user, roles, currentPatient });
|
||||
set({ user, roles, currentPatient });
|
||||
},
|
||||
|
||||
login: async (code: string) => {
|
||||
if (get().loading) return false;
|
||||
set({ loading: true });
|
||||
try {
|
||||
const resp = await authApi.wechatLogin(code);
|
||||
if (resp.bound && resp.token) {
|
||||
const { access_token, refresh_token, user } = resp.token;
|
||||
const roles = (resp as any).roles?.map((r: any) => r.code || r.name || r) || [];
|
||||
const roles = (resp as Record<string, unknown>).roles instanceof Array
|
||||
? ((resp as Record<string, unknown>).roles as Array<Record<string, string>>).map((r) => r.code || r.name || String(r))
|
||||
: [];
|
||||
secureSet('access_token', access_token);
|
||||
secureSet('refresh_token', refresh_token);
|
||||
Taro.setStorageSync('user', user);
|
||||
Taro.setStorageSync('user_roles', roles);
|
||||
Taro.setStorageSync('tenant_id', (user as any).tenant_id || '');
|
||||
set({ token: access_token, refreshToken: refresh_token, user, roles, loading: false });
|
||||
secureSet('user_data', JSON.stringify(user));
|
||||
secureSet('user_roles', JSON.stringify(roles));
|
||||
secureSet('tenant_id', user.tenant_id || '');
|
||||
set({ user, roles, loading: false });
|
||||
return true;
|
||||
}
|
||||
Taro.setStorageSync('wechat_openid', resp.openid);
|
||||
secureSet('wechat_openid', resp.openid);
|
||||
set({ loading: false });
|
||||
return false;
|
||||
} catch {
|
||||
@@ -75,23 +77,26 @@ export const useAuthStore = create<AuthState>((set, get) => ({
|
||||
},
|
||||
|
||||
bindPhone: async (encryptedData: string, iv: string) => {
|
||||
if (get().loading) return false;
|
||||
set({ loading: true });
|
||||
try {
|
||||
const openid = Taro.getStorageSync('wechat_openid') || '';
|
||||
const openid = secureGet('wechat_openid') || '';
|
||||
if (!openid) {
|
||||
set({ loading: false });
|
||||
return false;
|
||||
}
|
||||
const resp = await authApi.wechatBindPhone(openid, encryptedData, iv) as any;
|
||||
const { access_token, refresh_token, user } = resp;
|
||||
const roles = resp.roles?.map((r: any) => r.code || r.name || r) || [];
|
||||
secureSet('access_token', access_token);
|
||||
secureSet('refresh_token', refresh_token);
|
||||
Taro.setStorageSync('user', user);
|
||||
Taro.setStorageSync('user_roles', roles);
|
||||
Taro.setStorageSync('tenant_id', user.tenant_id || '');
|
||||
Taro.removeStorageSync('wechat_openid');
|
||||
set({ token: access_token, refreshToken: refresh_token, user, roles, loading: false });
|
||||
const resp = await authApi.wechatBindPhone(openid, encryptedData, iv) as Record<string, unknown>;
|
||||
const tokenData = resp as { access_token: string; refresh_token: string; user: AuthState['user'] };
|
||||
const roles = resp.roles instanceof Array
|
||||
? (resp.roles as Array<Record<string, string>>).map((r) => r.code || r.name || String(r))
|
||||
: [];
|
||||
secureSet('access_token', tokenData.access_token);
|
||||
secureSet('refresh_token', tokenData.refresh_token);
|
||||
secureSet('user_data', JSON.stringify(tokenData.user));
|
||||
secureSet('user_roles', JSON.stringify(roles));
|
||||
secureSet('tenant_id', tokenData.user?.tenant_id || '');
|
||||
secureRemove('wechat_openid');
|
||||
set({ user: tokenData.user, roles, loading: false });
|
||||
return true;
|
||||
} catch {
|
||||
set({ loading: false });
|
||||
@@ -113,18 +118,22 @@ export const useAuthStore = create<AuthState>((set, get) => ({
|
||||
get().setCurrentPatient(patients[0]);
|
||||
}
|
||||
} catch {
|
||||
// ignore
|
||||
// 患者列表加载失败不阻塞流程
|
||||
}
|
||||
},
|
||||
|
||||
logout: () => {
|
||||
secureRemove('access_token');
|
||||
secureRemove('refresh_token');
|
||||
Taro.removeStorageSync('user');
|
||||
Taro.removeStorageSync('user_roles');
|
||||
secureRemove('user_data');
|
||||
secureRemove('user_roles');
|
||||
secureRemove('tenant_id');
|
||||
secureRemove('wechat_openid');
|
||||
Taro.removeStorageSync('current_patient');
|
||||
Taro.removeStorageSync('current_patient_id');
|
||||
set({ token: null, refreshToken: null, user: null, roles: [], currentPatient: null, patients: [] });
|
||||
Taro.removeStorageSync('analytics_queue');
|
||||
Taro.removeStorageSync('edit_patient');
|
||||
set({ user: null, roles: [], currentPatient: null, patients: [] });
|
||||
Taro.redirectTo({ url: '/pages/login/index' });
|
||||
},
|
||||
}));
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import { create } from 'zustand';
|
||||
import Taro from '@tarojs/taro';
|
||||
import * as healthApi from '@/services/health';
|
||||
|
||||
interface CachedTrend {
|
||||
@@ -25,7 +26,8 @@ export const useHealthStore = create<HealthState>((set, get) => ({
|
||||
refreshToday: async () => {
|
||||
set({ loading: true });
|
||||
try {
|
||||
const data = await healthApi.getTodaySummary();
|
||||
const patientId = Taro.getStorageSync('current_patient_id') || undefined;
|
||||
const data = await healthApi.getTodaySummary(patientId);
|
||||
set({ todaySummary: data, loading: false });
|
||||
} catch {
|
||||
set({ loading: false });
|
||||
|
||||
@@ -18,7 +18,7 @@ function encrypt(plaintext: string): string {
|
||||
return CryptoJS.AES.encrypt(plaintext, ENCRYPTION_KEY).toString();
|
||||
}
|
||||
|
||||
function decrypt(ciphertext: string): string {
|
||||
function decrypt(ciphertext: string): string | null {
|
||||
if (!ENCRYPTION_KEY) {
|
||||
if (process.env.NODE_ENV === 'production') {
|
||||
throw new Error('[secure-storage] TARO_APP_ENCRYPTION_KEY 未设置,生产环境禁止明文读取');
|
||||
@@ -27,9 +27,11 @@ function decrypt(ciphertext: string): string {
|
||||
}
|
||||
try {
|
||||
const bytes = CryptoJS.AES.decrypt(ciphertext, ENCRYPTION_KEY);
|
||||
return bytes.toString(CryptoJS.enc.Utf8);
|
||||
const result = bytes.toString(CryptoJS.enc.Utf8);
|
||||
if (!result) return null;
|
||||
return result;
|
||||
} catch {
|
||||
return '';
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -41,7 +43,8 @@ export function secureSet(key: string, value: string): void {
|
||||
export function secureGet(key: string): string {
|
||||
const raw = Taro.getStorageSync(key);
|
||||
if (!raw || typeof raw !== 'string') return '';
|
||||
return decrypt(raw);
|
||||
const result = decrypt(raw);
|
||||
return result ?? '';
|
||||
}
|
||||
|
||||
export function secureRemove(key: string): void {
|
||||
|
||||
Reference in New Issue
Block a user