perf: aks encrypt

2025-09-08 10:49:08 +00:00 · 2025-09-02 18:50:26 +08:00
parent 4f79abe678
commit 3c9d2534fa
2 changed files with 18 additions and 4 deletions
--- a/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py
+++ b/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py
@@ -4,6 +4,22 @@ import authentication.models.access_key
 import common.db.fields
 from django.db import migrations

+old_access_key_secrets_mapper = {}
+
+def fetch_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+
+    for id, secret in AccessKey.objects.all().values_list('id', 'secret'):
+        old_access_key_secrets_mapper[str(id)] = secret
+
+
+def save_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+    aks = AccessKey.objects.filter(id__in=list(old_access_key_secrets_mapper.keys()))
+    for ak in aks:
+        old_value = old_access_key_secrets_mapper.get(str(ak.id))
+        ak.secret = old_value
+        ak.save(update_fields=["secret"])

 class Migration(migrations.Migration):

@@ -12,6 +28,7 @@ class Migration(migrations.Migration):
    ]

    operations = [
+        migrations.RunPython(fetch_access_key_secrets),
        migrations.AlterField(
            model_name="accesskey",
            name="secret",
@@ -27,4 +44,5 @@ class Migration(migrations.Migration):
                verbose_name="Secret"
            ),
        ),
+        migrations.RunPython(save_access_key_secrets),
    ]
--- a/apps/common/db/fields.py
+++ b/apps/common/db/fields.py
@@ -146,10 +146,6 @@ class EncryptMixin:
        encryptor = Encryptor(value)
        plain_value = encryptor.decrypt()

-        # 如果解密失败，并且可能不是加密数据，则使用原始值
-        if not plain_value and not encryptor.is_encrypted_data():
-            plain_value = value
-            
        # 可能和Json mix，所以要先解密，再json
        sp = super()
        if hasattr(sp, "from_db_value"):