perf: account secret 加密 (#9570)

Co-authored-by: feng <1304903146@qq.com>
2025-09-19 01:45:27 +00:00 · 2023-02-15 20:16:01 +08:00
parent cf2089d826
commit e66168dfa4
3 changed files with 19 additions and 14 deletions
--- a/apps/accounts/serializers/account/base.py
+++ b/apps/accounts/serializers/account/base.py
@@ -24,27 +24,25 @@ class AuthValidateMixin(serializers.Serializer):
        write_only=True, label=_('Key password')
    )

-    @property
-    def initial_secret_type(self):
-        secret_type = self.initial_data.get('secret_type')
-        return secret_type
-
-    def validate_secret(self, secret):
+    @staticmethod
+    def handle_secret(secret, secret_type, passphrase=None):
        if not secret:
            return ''
-        secret_type = self.initial_secret_type
        if secret_type == SecretType.PASSWORD:
            validate_password_for_ansible(secret)
            return secret
        elif secret_type == SecretType.SSH_KEY:
-            passphrase = self.initial_data.get('passphrase')
            passphrase = passphrase if passphrase else None
            return validate_ssh_key(secret, passphrase)
        else:
            return secret

-    @staticmethod
-    def clean_auth_fields(validated_data):
+    def clean_auth_fields(self, validated_data):
+        secret_type = validated_data['secret_type']
+        passphrase = validated_data.get('passphrase')
+        secret = validated_data.pop('secret', None)
+        self.handle_secret(secret, secret_type, passphrase)
+        validated_data['secret'] = secret
        for field in ('secret',):
            value = validated_data.get(field)
            if value is None: