From 3211e25bd67ae49c64a23506cf8bd0c05385faae Mon Sep 17 00:00:00 2001
From: tone <3341154833@qq.com>
Date: Sun, 8 Jun 2025 22:36:14 +0800
Subject: [PATCH] =?UTF-8?q?ossSts=E6=B7=BB=E5=8A=A0=E7=BC=93=E5=AD=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tone-page-server/src/oss/oss.service.ts | 30 +++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/tone-page-server/src/oss/oss.service.ts b/tone-page-server/src/oss/oss.service.ts
index 9cd86cd..3894afc 100644
--- a/tone-page-server/src/oss/oss.service.ts
+++ b/tone-page-server/src/oss/oss.service.ts
@@ -9,10 +9,40 @@ export class OssService {
         accessKeySecret: process.env.ALIYUN_ACCESS_KEY_SECRET,
     });
 
+    private stsCache: {
+        [session: string]: {
+            credentials: {
+                AccessKeyId: string;
+                AccessKeySecret: string;
+                SecurityToken: string;
+                Expiration: string;
+            };
+            expireTime: number; // 时间戳，单位为毫秒
+        }
+    } = {};
+
+    /** @todo 该方法存在缓存穿透问题，待优化 */
     async getStsToken(session: string) {
+        if (this.stsCache[session]) {
+            const cached = this.stsCache[session];
+            // 检查缓存是否过期
+            if (cached.expireTime > Date.now()) {
+                return cached.credentials;
+            } else {
+                // 如果过期，删除缓存
+                delete this.stsCache[session];
+            }
+        }
+
         return this.sts.assumeRole(
             process.env.ALIYUN_OSS_STS_ROLE_ARN, ``, 3600, `${session}`,
         ).then((res) => {
+            // 缓存
+            this.stsCache[session] = {
+                credentials: res.credentials,
+                expireTime: new Date(res.credentials.Expiration).getTime() - 5 * 60 * 1000, // 提前5分钟过期,
+            };
+
             return res.credentials;
         }).catch(err => {
             console.error('获取STS Token失败:', err);