server/HuanMengProject
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 53 Wiki Activity

添加参数加密验证

Browse Source
This commit is contained in:
zpc 2024-08-07 17:28:33 +08:00
parent d8e0c0a563
commit d973e7da95
6 changed files with 131 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/0-core/HuanMeng.DotNetCore/HuanMeng.DotNetCore.csproj
View File

@ -8,6 +8,7 @@
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Cors" Version="2.1.1" />
<PackageReference Include="Microsoft.AspNetCore.Http" Version="2.2.2" />
<PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" />
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="8.0.6" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Abstractions" Version="8.0.6" />

2
src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/ExceptionMiddleware.cs
View File

@ -12,7 +12,7 @@ using System;
namespace HuanMeng.DotNetCore.MiddlewareExtend
{
/// <summary>
/// 异常中间件
/// 异常中间件
/// </summary>
public class ExceptionMiddleware
{

21
src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/MiddlewareExtends.cs
View File

@ -7,6 +7,17 @@ namespace HuanMeng.DotNetCore.MiddlewareExtend
/// </summary>
public static class MiddlewareExtends
{
/// <summary>
/// 加载全部中间件
/// </summary>
/// <param name="builder"></param>
/// <returns></returns>
public static IApplicationBuilder UseMiddlewareAll(this IApplicationBuilder builder)
{
return builder.UseExceptionMiddleware().UseExecutionTimeMiddleware().UseSignMiddleware();
}
/// <summary>
/// 异常中间件
/// </summary>
@ -25,5 +36,15 @@ namespace HuanMeng.DotNetCore.MiddlewareExtend
{
return builder.UseMiddleware<ExceptionMiddleware>();
}
/// <summary>
/// 加密验证
/// </summary>
/// <param name="builder"></param>
/// <returns></returns>
public static IApplicationBuilder UseSignMiddleware(this IApplicationBuilder builder)
{
return builder.UseMiddleware<SignMiddleware>();
}
}
}

96
src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/SignMiddleware.cs Normal file
View File

@ -0,0 +1,96 @@
using Microsoft.AspNetCore.Http;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using System.IO;
using Newtonsoft.Json.Linq;
using HuanMeng.DotNetCore.Base;
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;
namespace HuanMeng.DotNetCore.MiddlewareExtend
{
/// <summary>
/// 参数请求加密验证
/// </summary>
public class SignMiddleware
{
private readonly RequestDelegate _next;
private const string FixedString = "cccc"; // 固定字符串
public SignMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task Invoke(HttpContext context)
{
// 读取请求体
context.Request.EnableBuffering(); // 启用请求流的多次读取功能
var requestBody = await new StreamReader(context.Request.Body).ReadToEndAsync();
context.Request.Body.Position = 0; // 重置请求体的位置
// 解析请求体为 JSON 对象
var requestJson = JObject.Parse(requestBody);
// 获取请求中的 sign 值
var requestSign = requestJson["sign"]?.ToString();
if (string.IsNullOrEmpty(requestSign))
{
await _next(context);
return;
}
// 获取所有的键值对,并排序
var sortedKeys = requestJson.Properties()
.Where(p => p.Name != "sign")
.OrderBy(p => p.Name)
.Select(p => p.Value.ToString())
.ToList();
// 拼接所有的值,并加上固定字符串
var concatenatedValues = string.Join("", sortedKeys) + FixedString;
// 计算 MD5 哈希值
var md5Hash = ComputeMD5Hash(concatenatedValues);
// 验证 MD5 哈希值与请求中的 sign 是否匹配
if (md5Hash != requestSign)
{
var settings = new JsonSerializerSettings
{
ContractResolver = new CamelCasePropertyNamesContractResolver()
};
// 返回 500 错误
context.Response.StatusCode = 500;
BaseResponse<object> baseResponse = new BaseResponse<object>(ResonseCode.SignError, "sign加密验证失败", null)
{
};
context.Response.ContentType = "application/json; charset=utf-8";
// 将异常信息写入 HTTP 响应
await context.Response.WriteAsync(JsonConvert.SerializeObject(baseResponse));
//await context.Response.WriteAsync("");
return;
}
// 调用下一个中间件
await _next(context);
}
/// <summary>
/// Md5加密
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
private string ComputeMD5Hash(string input)
{
using (var md5 = MD5.Create())
{
var inputBytes = Encoding.UTF8.GetBytes(input);
var hashBytes = md5.ComputeHash(inputBytes);
return BitConverter.ToString(hashBytes).Replace("-", "").ToLower();
}
}
}
}

18
src/0-core/HuanMeng.DotNetCore/TextCensor/SensitiveWord/SensitiveWordFilter.cs
View File

@ -83,15 +83,15 @@ namespace HuanMeng.DotNetCore.TextCensor.SensitiveWord
.Replace('@', ' ')
.Replace('-', ' ')
.Replace('*', ' ')
.Replace("1", "")
.Replace("2", "")
.Replace("3", "")
.Replace("4", "")
.Replace("5", "")
.Replace("6", "")
.Replace("9", "")
.Replace("0", "")
.Replace("_", "")
.Replace("1", string.Empty)
.Replace("2", string.Empty)
.Replace("3", string.Empty)
.Replace("4", string.Empty)
.Replace("5", string.Empty)
.Replace("6", string.Empty)
.Replace("9", string.Empty)
.Replace("0", string.Empty)
.Replace("_", string.Empty)
.Replace(" ", string.Empty).ToLower();
return cleanedText;
}

7
src/2-api/HuanMeng.MiaoYu.WebApi/Program.cs
View File

@ -157,10 +157,9 @@ app.MapControllers();
app.UseStaticFiles();//静态文件访问配置
//数据库中间件
app.UseMultiTenantMiaoYu();
//异常中间件
app.UseExecutionTimeMiddleware();
//请求耗时中间件
app.UseExceptionMiddleware();
//执行扩展中间件
app.UseMiddlewareAll();
#region
app.MapGet("/", () => "请求成功").WithName("默认请求");