perf: password 等使用 rsa 加密传输 (#8188)

* perf: 修改 model fields 路径 * stash it * pref: 统一加密方式，密码字段采用 rsa 加密 * pref: 临时密码使用 rsa * perf: 去掉 debug msg * perf: 去掉 Debug * perf: 去掉 debug * perf: 抽出来 Co-authored-by: ibuler <ibuler@qq.com>
2025-09-06 09:51:00 +00:00 · 2022-05-07 16:20:12 +08:00
parent 3f856e68f0
commit 031077c298
43 changed files with 291 additions and 245 deletions
--- a/apps/authentication/middleware.py
+++ b/apps/authentication/middleware.py
@@ -1,8 +1,12 @@
+import base64
+
 from django.shortcuts import redirect, reverse
 from django.utils.deprecation import MiddlewareMixin
 from django.http import HttpResponse
 from django.conf import settings

+from common.utils import gen_key_pair
+

 class MFAMiddleware:
    """
@@ -48,3 +52,28 @@ class SessionCookieMiddleware(MiddlewareMixin):
            return response
        response.set_cookie(key, value)
        return response
+
+
+class EncryptedMiddleware:
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    @staticmethod
+    def check_key_pair(request, response):
+        pub_key_name = settings.SESSION_RSA_PUBLIC_KEY_NAME
+        public_key = request.session.get(pub_key_name)
+        cookie_key = request.COOKIES.get(pub_key_name)
+        if public_key and public_key == cookie_key:
+            return
+
+        pri_key_name = settings.SESSION_RSA_PRIVATE_KEY_NAME
+        private_key, public_key = gen_key_pair()
+        public_key_decode = base64.b64encode(public_key.encode()).decode()
+        request.session[pub_key_name] = public_key_decode
+        request.session[pri_key_name] = private_key
+        response.set_cookie(pub_key_name, public_key_decode)
+
+    def __call__(self, request):
+        response = self.get_response(request)
+        self.check_key_pair(request, response)
+        return response