refactor: replace encryption function with new encrypt method for sensitive data handling

2025-07-11 19:39:08 +08:00 · 2025-07-11 19:39:08 +08:00 · 28e89ca6ec
commit 28e89ca6ec
parent fb92a07d62
1 changed files with 31 additions and 0 deletions
--- a/apps/common/utils/common.py
+++ b/apps/common/utils/common.py
@ -24,6 +24,9 @@ from pydub import AudioSegment
 from ..database_model_manage.database_model_manage import DatabaseModelManage
 from ..exception.app_exception import AppApiException
 from Crypto.Cipher import AES
 from Crypto.Util.Padding import pad, unpad
 from base64 import b64encode, b64decode
 def password_encrypt(row_password):
@ -87,6 +90,34 @@ def encryption(message: str):
    return pre_str + content + end_str
 key = b'J\xbb\xd1\xa3\x93zB\x80/\xf2\x89e\xecb\xfe\x02'
 def encrypt(message: str) -> str:
    cipher = AES.new(key, AES.MODE_CBC)
    ct_bytes = cipher.encrypt(pad(message.encode('utf-8'), AES.block_size))
    iv = b64encode(cipher.iv).decode('utf-8')
    ct = b64encode(ct_bytes).decode('utf-8')
    return f"{iv}:{ct}"
 def decrypt(encrypted: str) -> str:
    try:
        # 判断是否为加密格式 (iv:ciphertext)
        if ':' not in encrypted:
            return encrypted  # 非加密字符串直接返回
        iv_str, ct_str = encrypted.split(":", 1)
        iv = b64decode(iv_str)
        ct = b64decode(ct_str)
        cipher = AES.new(key, AES.MODE_CBC, iv)
        pt = unpad(cipher.decrypt(ct), AES.block_size)
        return pt.decode('utf-8')
    except (ValueError, KeyError, IndexError, Exception):
        # 捕获所有可能的异常，如无效格式、密钥错误等
        return encrypted  # 如果解密失败，返回原字符串
 def _remove_empty_lines(text):
    if not isinstance(text, str):
        raise AppApiException(500, _('Text-to-speech node, the text content must be of string type'))