From 8ebcfb5b6fd7aed6915b3b7cf87c6680e7732134 Mon Sep 17 00:00:00 2001
From: Bai <baijiangjie@gmail.com>
Date: Wed, 3 Sep 2025 11:21:51 +0800
Subject: [PATCH] perf: aks encrypt

---
 ...accesskey_secret_alter_temptoken_secret.py | 21 +++++++++++++++++++
 apps/common/db/fields.py                      |  3 ---
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py b/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py
index 7adf3c2eb..a7bcb959f 100644
--- a/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py
+++ b/apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py
@@ -4,6 +4,25 @@ import authentication.models.access_key
 import common.db.fields
 from django.db import migrations
 
+old_access_key_secrets_mapper = {}
+
+def fetch_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+
+    for id, secret in AccessKey.objects.all().values_list('id', 'secret'):
+        old_access_key_secrets_mapper[str(id)] = secret
+
+
+def save_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+    aks = AccessKey.objects.filter(id__in=list(old_access_key_secrets_mapper.keys()))
+    for ak in aks:
+        old_value = old_access_key_secrets_mapper.get(str(ak.id))
+        if not old_value:
+            continue
+        ak.secret = old_value
+        ak.save(update_fields=["secret"])
+
 
 class Migration(migrations.Migration):
 
@@ -12,6 +31,7 @@ class Migration(migrations.Migration):
     ]
 
     operations = [
+        migrations.RunPython(fetch_access_key_secrets),
         migrations.AlterField(
             model_name="accesskey",
             name="secret",
@@ -27,4 +47,5 @@ class Migration(migrations.Migration):
                 verbose_name="Secret"
             ),
         ),
+        migrations.RunPython(save_access_key_secrets),
     ]
diff --git a/apps/common/db/fields.py b/apps/common/db/fields.py
index 43ab29d25..5a920b473 100644
--- a/apps/common/db/fields.py
+++ b/apps/common/db/fields.py
@@ -145,9 +145,6 @@ class EncryptMixin:
 
         plain_value = Encryptor(value).decrypt()
 
-        # 如果解密失败，则使用原来的值
-        if not plain_value:
-            plain_value = value
         # 可能和Json mix，所以要先解密，再json
         sp = super()
         if hasattr(sp, "from_db_value"):