feat: 账号密钥用vault储存 (#10830)

* feat: 账号密钥用vault储存 * perf: 优化 Vault * perf: 重构 Vault Backend 设计架构 (未完成) * perf: 重构 Vault Backend 设计架构 (未完成2) * perf: 重构 Vault Backend 设计架构 (未完成3) * perf: 重构 Vault Backend 设计架构 (未完成4) * perf: 重构 Vault Backend 设计架构 (未完成5) * perf: 重构 Vault Backend 设计架构 (已完成) * perf: 重构 Vault Backend 设计架构 (已完成) * perf: 重构 Vault Backend 设计架构 (已完成) * perf: 小优化 * perf: 优化 --------- Co-authored-by: feng <1304903146@qq.com> Co-authored-by: Bai <baijiangjie@gmail.com> Co-authored-by: feng626 <57284900+feng626@users.noreply.github.com>
2025-09-06 18:00:57 +00:00 · 2023-07-31 17:39:30 +08:00
parent 7776158279
commit 3b615719fe
38 changed files with 819 additions and 59 deletions
--- a/apps/common/db/fields.py
+++ b/apps/common/db/fields.py
@@ -11,12 +11,12 @@ from django.core.exceptions import ValidationError
 from django.core.validators import MinValueValidator, MaxValueValidator
 from django.db import models
 from django.db.models import Q, Manager, QuerySet
-from django.utils.encoding import force_str
 from django.utils.translation import gettext_lazy as _
 from rest_framework.utils.encoders import JSONEncoder

 from common.local import add_encrypted_field_set
-from common.utils import signer, crypto, contains_ip
+from common.utils import contains_ip
+from .utils import Encryptor
 from .validators import PortRangeValidator

 __all__ = [
@@ -139,20 +139,11 @@ class EncryptMixin:
    EncryptMixin要放在最前面
    """

-    def decrypt_from_signer(self, value):
-        return signer.unsign(value) or ""
-
    def from_db_value(self, value, expression, connection, context=None):
        if value is None:
            return value

-        value = force_str(value)
-        plain_value = crypto.decrypt(value)
-
-        # 如果没有解开，使用原来的signer解密
-        if not plain_value:
-            plain_value = self.decrypt_from_signer(value)
-
+        plain_value = Encryptor(value).decrypt()
        # 可能和Json mix，所以要先解密，再json
        sp = super()
        if hasattr(sp, "from_db_value"):
@@ -167,9 +158,9 @@ class EncryptMixin:
        sp = super()
        if hasattr(sp, "get_prep_value"):
            value = sp.get_prep_value(value)
-        value = force_str(value)
+
        # 替换新的加密方式
-        return crypto.encrypt(value)
+        return Encryptor(value).encrypt()


 class EncryptTextField(EncryptMixin, models.TextField):