数据库节点密码支持加密存储

2025-11-06 18:10:25 +08:00 · 2021-02-07 09:48:36 +08:00
parent 758b0b3399
commit 0b5a30aec9
2 changed files with 76 additions and 3 deletions
--- a/internal/db/models/db_node_dao.go
+++ b/internal/db/models/db_node_dao.go
@@ -1,11 +1,14 @@
 package models
 import (
 	"encoding/base64"
 	"github.com/TeaOSLab/EdgeAPI/internal/encrypt"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
 	"github.com/iwind/TeaGo/types"
 	"strings"
 )
 const (
@@ -15,6 +18,8 @@ const (
 type DBNodeDAO dbs.DAO
 const DBNodePasswordEncodedPrefix = "EDGE_ENCODED:"
 func NewDBNodeDAO() *DBNodeDAO {
 	return dbs.NewDAO(&DBNodeDAO{
 		DAOObject: dbs.DAOObject{
@@ -61,7 +66,9 @@ func (this *DBNodeDAO) FindEnabledDBNode(tx *dbs.Tx, id int64) (*DBNode, error)
 	if result == nil {
 		return nil, err
 	}
-	return result.(*DBNode), err
+	node := result.(*DBNode)
 	node.Password = this.DecodePassword(node.Password)
 	return node, nil
 }
 // 根据主键查找名称
@@ -88,6 +95,9 @@ func (this *DBNodeDAO) ListEnabledNodes(tx *dbs.Tx, offset int64, size int64) (r
 		Slice(&result).
 		DescPk().
 		FindAll()
 	for _, node := range result {
 		node.Password = this.DecodePassword(node.Password)
 	}
 	return
 }
@@ -102,7 +112,7 @@ func (this *DBNodeDAO) CreateDBNode(tx *dbs.Tx, isOn bool, name string, descript
 	op.Port = port
 	op.Database = database
 	op.Username = username
-	op.Password = password
+	op.Password = this.EncodePassword(password)
 	op.Charset = charset
 	err := this.Save(tx, op)
 	if err != nil {
@@ -125,7 +135,7 @@ func (this *DBNodeDAO) UpdateNode(tx *dbs.Tx, nodeId int64, isOn bool, name stri
 	op.Port = port
 	op.Database = database
 	op.Username = username
-	op.Password = password
+	op.Password = this.EncodePassword(password)
 	op.Charset = charset
 	err := this.Save(tx, op)
 	return err
@@ -139,5 +149,30 @@ func (this *DBNodeDAO) FindAllEnabledAndOnDBNodes(tx *dbs.Tx) (result []*DBNode,
 		Slice(&result).
 		DescPk().
 		FindAll()
 	for _, node := range result {
 		node.Password = this.DecodePassword(node.Password)
 	}
 	return
 }
 // 加密密码
 func (this *DBNodeDAO) EncodePassword(password string) string {
 	if strings.HasPrefix(password, DBNodePasswordEncodedPrefix) {
 		return password
 	}
 	encodedString := base64.StdEncoding.EncodeToString(encrypt.MagicKeyEncode([]byte(password)))
 	return DBNodePasswordEncodedPrefix + encodedString
 }
 // 解密密码
 func (this *DBNodeDAO) DecodePassword(password string) string {
 	if !strings.HasPrefix(password, DBNodePasswordEncodedPrefix) {
 		return password
 	}
 	dataString := password[len(DBNodePasswordEncodedPrefix):]
 	data, err := base64.StdEncoding.DecodeString(dataString)
 	if err != nil {
 		return password
 	}
 	return string(encrypt.MagicKeyDecode(data))
 }
--- a/internal/db/models/db_node_dao_test.go
+++ b/internal/db/models/db_node_dao_test.go
@@ -2,4 +2,42 @@ package models
 import (
 	_ "github.com/go-sql-driver/mysql"
 	"testing"
 )
 func TestDBNodeDAO_EncodePassword(t *testing.T) {
 	dao := NewDBNodeDAO()
 	for _, password := range []string{
 		"123456",
 		"abcdefxyz",
 		"123abc$*&^%",
 		"$%#@!@(*))*&^&=]{|",
 		"中文",
 	} {
 		encoded := dao.EncodePassword(password)
 		decoded := dao.DecodePassword(encoded)
 		if decoded != password {
 			t.Fatal(decoded, password)
 		}
 	}
 }
 func TestDBNodeDAO_EncodePassword_Encoded(t *testing.T) {
 	dao := NewDBNodeDAO()
 	password := DBNodePasswordEncodedPrefix + "123456"
 	encoded := dao.EncodePassword(password)
 	if encoded != password {
 		t.Fatal()
 	}
 	t.Log(encoded)
 }
 func TestDBNodeDAO_EncodePassword_Decoded(t *testing.T) {
 	dao := NewDBNodeDAO()
 	password := "123456"
 	decoded := dao.DecodePassword(password)
 	if decoded != password {
 		t.Fatal()
 	}
 	t.Log(decoded)
 }