From d973e7da958e1d63a69c06781c39991a7a20f594 Mon Sep 17 00:00:00 2001 From: zpc Date: Wed, 7 Aug 2024 17:28:33 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E5=8F=82=E6=95=B0=E5=8A=A0?= =?UTF-8?q?=E5=AF=86=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../HuanMeng.DotNetCore.csproj | 1 + .../MiddlewareExtend/ExceptionMiddleware.cs | 2 +- .../MiddlewareExtend/MiddlewareExtends.cs | 21 ++++ .../MiddlewareExtend/SignMiddleware.cs | 96 +++++++++++++++++++ .../SensitiveWord/SensitiveWordFilter.cs | 18 ++-- src/2-api/HuanMeng.MiaoYu.WebApi/Program.cs | 7 +- 6 files changed, 131 insertions(+), 14 deletions(-) create mode 100644 src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/SignMiddleware.cs diff --git a/src/0-core/HuanMeng.DotNetCore/HuanMeng.DotNetCore.csproj b/src/0-core/HuanMeng.DotNetCore/HuanMeng.DotNetCore.csproj index b25005e..98024de 100644 --- a/src/0-core/HuanMeng.DotNetCore/HuanMeng.DotNetCore.csproj +++ b/src/0-core/HuanMeng.DotNetCore/HuanMeng.DotNetCore.csproj @@ -8,6 +8,7 @@ + diff --git a/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/ExceptionMiddleware.cs b/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/ExceptionMiddleware.cs index c017556..e3f089a 100644 --- a/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/ExceptionMiddleware.cs +++ b/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/ExceptionMiddleware.cs @@ -12,7 +12,7 @@ using System; namespace HuanMeng.DotNetCore.MiddlewareExtend { /// - /// 异常中间件 + /// 异常中间件 /// public class ExceptionMiddleware { diff --git a/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/MiddlewareExtends.cs b/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/MiddlewareExtends.cs index 918412d..a1b0f95 100644 --- a/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/MiddlewareExtends.cs +++ b/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/MiddlewareExtends.cs @@ -7,6 +7,17 @@ namespace HuanMeng.DotNetCore.MiddlewareExtend /// public static class MiddlewareExtends { + /// + /// 加载全部中间件 + /// + /// + /// + public static IApplicationBuilder UseMiddlewareAll(this IApplicationBuilder builder) + { + return builder.UseExceptionMiddleware().UseExecutionTimeMiddleware().UseSignMiddleware(); + + } + /// /// 异常中间件 /// @@ -25,5 +36,15 @@ namespace HuanMeng.DotNetCore.MiddlewareExtend { return builder.UseMiddleware(); } + + /// + /// 加密验证 + /// + /// + /// + public static IApplicationBuilder UseSignMiddleware(this IApplicationBuilder builder) + { + return builder.UseMiddleware(); + } } } diff --git a/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/SignMiddleware.cs b/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/SignMiddleware.cs new file mode 100644 index 0000000..0cba110 --- /dev/null +++ b/src/0-core/HuanMeng.DotNetCore/MiddlewareExtend/SignMiddleware.cs @@ -0,0 +1,96 @@ +using Microsoft.AspNetCore.Http; +using System.Collections.Generic; +using System.Linq; +using System.Security.Cryptography; +using System.Text; +using System.Threading.Tasks; +using System.IO; +using Newtonsoft.Json.Linq; +using HuanMeng.DotNetCore.Base; +using Newtonsoft.Json; +using Newtonsoft.Json.Serialization; + +namespace HuanMeng.DotNetCore.MiddlewareExtend +{ + /// + /// 参数请求加密验证 + /// + public class SignMiddleware + { + private readonly RequestDelegate _next; + private const string FixedString = "cccc"; // 固定字符串 + public SignMiddleware(RequestDelegate next) + { + _next = next; + } + + public async Task Invoke(HttpContext context) + { + // 读取请求体 + context.Request.EnableBuffering(); // 启用请求流的多次读取功能 + var requestBody = await new StreamReader(context.Request.Body).ReadToEndAsync(); + context.Request.Body.Position = 0; // 重置请求体的位置 + + // 解析请求体为 JSON 对象 + var requestJson = JObject.Parse(requestBody); + // 获取请求中的 sign 值 + var requestSign = requestJson["sign"]?.ToString(); + if (string.IsNullOrEmpty(requestSign)) + { + await _next(context); + return; + } + // 获取所有的键值对,并排序 + var sortedKeys = requestJson.Properties() + .Where(p => p.Name != "sign") + .OrderBy(p => p.Name) + .Select(p => p.Value.ToString()) + .ToList(); + + // 拼接所有的值,并加上固定字符串 + var concatenatedValues = string.Join("", sortedKeys) + FixedString; + + // 计算 MD5 哈希值 + var md5Hash = ComputeMD5Hash(concatenatedValues); + + + + // 验证 MD5 哈希值与请求中的 sign 是否匹配 + if (md5Hash != requestSign) + { + var settings = new JsonSerializerSettings + { + ContractResolver = new CamelCasePropertyNamesContractResolver() + }; + // 返回 500 错误 + context.Response.StatusCode = 500; + BaseResponse baseResponse = new BaseResponse(ResonseCode.SignError, "sign加密验证失败", null) + { + + }; + context.Response.ContentType = "application/json; charset=utf-8"; + // 将异常信息写入 HTTP 响应 + await context.Response.WriteAsync(JsonConvert.SerializeObject(baseResponse)); + //await context.Response.WriteAsync(""); + return; + } + + // 调用下一个中间件 + await _next(context); + } + /// + /// Md5加密 + /// + /// + /// + private string ComputeMD5Hash(string input) + { + using (var md5 = MD5.Create()) + { + var inputBytes = Encoding.UTF8.GetBytes(input); + var hashBytes = md5.ComputeHash(inputBytes); + return BitConverter.ToString(hashBytes).Replace("-", "").ToLower(); + } + } + } +} diff --git a/src/0-core/HuanMeng.DotNetCore/TextCensor/SensitiveWord/SensitiveWordFilter.cs b/src/0-core/HuanMeng.DotNetCore/TextCensor/SensitiveWord/SensitiveWordFilter.cs index ea7f146..d697783 100644 --- a/src/0-core/HuanMeng.DotNetCore/TextCensor/SensitiveWord/SensitiveWordFilter.cs +++ b/src/0-core/HuanMeng.DotNetCore/TextCensor/SensitiveWord/SensitiveWordFilter.cs @@ -83,15 +83,15 @@ namespace HuanMeng.DotNetCore.TextCensor.SensitiveWord .Replace('@', ' ') .Replace('-', ' ') .Replace('*', ' ') - .Replace("1", "") - .Replace("2", "") - .Replace("3", "") - .Replace("4", "") - .Replace("5", "") - .Replace("6", "") - .Replace("9", "") - .Replace("0", "") - .Replace("_", "") + .Replace("1", string.Empty) + .Replace("2", string.Empty) + .Replace("3", string.Empty) + .Replace("4", string.Empty) + .Replace("5", string.Empty) + .Replace("6", string.Empty) + .Replace("9", string.Empty) + .Replace("0", string.Empty) + .Replace("_", string.Empty) .Replace(" ", string.Empty).ToLower(); return cleanedText; } diff --git a/src/2-api/HuanMeng.MiaoYu.WebApi/Program.cs b/src/2-api/HuanMeng.MiaoYu.WebApi/Program.cs index 85466fe..462eed9 100644 --- a/src/2-api/HuanMeng.MiaoYu.WebApi/Program.cs +++ b/src/2-api/HuanMeng.MiaoYu.WebApi/Program.cs @@ -157,10 +157,9 @@ app.MapControllers(); app.UseStaticFiles();//静态文件访问配置 //数据库中间件 app.UseMultiTenantMiaoYu(); -//异常中间件 -app.UseExecutionTimeMiddleware(); -//请求耗时中间件 -app.UseExceptionMiddleware(); +//执行扩展中间件 +app.UseMiddlewareAll(); + #region 默认请求 app.MapGet("/", () => "请求成功").WithName("默认请求");