b89d5ddee9
Some checks failed
continuous-integration/drone/push Build is failing
- Add Vue 3 frontend with Element Plus - Implement login, dashboard, tenant management - Add app configuration, logs viewer, stats pages - Add user management for admins - Update Drone CI to build and deploy frontend - Frontend ports: 3001 (test), 4001 (prod)
43 lines
1.1 KiB
Python
43 lines
1.1 KiB
Python
"""配置加密服务"""
|
|
import base64
|
|
from cryptography.fernet import Fernet
|
|
from cryptography.hazmat.primitives import hashes
|
|
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
|
|
|
|
from ..config import get_settings
|
|
|
|
settings = get_settings()
|
|
|
|
|
|
def _get_fernet() -> Fernet:
|
|
"""获取Fernet实例"""
|
|
# 使用PBKDF2从密钥派生32字节密钥
|
|
kdf = PBKDF2HMAC(
|
|
algorithm=hashes.SHA256(),
|
|
length=32,
|
|
salt=b'platform_salt_2026',
|
|
iterations=100000,
|
|
)
|
|
key = base64.urlsafe_b64encode(kdf.derive(settings.CONFIG_ENCRYPT_KEY.encode()))
|
|
return Fernet(key)
|
|
|
|
|
|
def encrypt_value(value: str) -> str:
|
|
"""加密配置值"""
|
|
f = _get_fernet()
|
|
encrypted = f.encrypt(value.encode())
|
|
return base64.urlsafe_b64encode(encrypted).decode()
|
|
|
|
|
|
def decrypt_value(encrypted_value: str) -> str:
|
|
"""解密配置值"""
|
|
f = _get_fernet()
|
|
encrypted = base64.urlsafe_b64decode(encrypted_value.encode())
|
|
decrypted = f.decrypt(encrypted)
|
|
return decrypted.decode()
|
|
|
|
|
|
# 别名
|
|
encrypt_config = encrypt_value
|
|
decrypt_config = decrypt_value
|