perf: aks encrypt

2025-09-03 11:21:51 +08:00 · 2025-09-03 11:21:51 +08:00 · 8ebcfb5b6f
parent 000bb100cd
commit 8ebcfb5b6f
2 changed files with 21 additions and 3 deletions
--- a/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py
+++ b/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py
@ -4,6 +4,25 @@ import authentication.models.access_key
 import common.db.fields
 from django.db import migrations

+old_access_key_secrets_mapper = {}
+
+def fetch_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+
+    for id, secret in AccessKey.objects.all().values_list('id', 'secret'):
+        old_access_key_secrets_mapper[str(id)] = secret
+
+
+def save_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+    aks = AccessKey.objects.filter(id__in=list(old_access_key_secrets_mapper.keys()))
+    for ak in aks:
+        old_value = old_access_key_secrets_mapper.get(str(ak.id))
+        if not old_value:
+            continue
+        ak.secret = old_value
+        ak.save(update_fields=["secret"])
+

 class Migration(migrations.Migration):

@ -12,6 +31,7 @@ class Migration(migrations.Migration):
    ]

    operations = [
+        migrations.RunPython(fetch_access_key_secrets),
        migrations.AlterField(
            model_name="accesskey",
            name="secret",
@ -27,4 +47,5 @@ class Migration(migrations.Migration):
                verbose_name="Secret"
            ),
        ),
+        migrations.RunPython(save_access_key_secrets),
    ]
--- a/apps/common/db/fields.py
+++ b/apps/common/db/fields.py
@ -145,9 +145,6 @@ class EncryptMixin:

        plain_value = Encryptor(value).decrypt()

-        # 如果解密失败，则使用原来的值
-        if not plain_value:
-            plain_value = value
        # 可能和Json mix，所以要先解密，再json
        sp = super()
        if hasattr(sp, "from_db_value"):