增加脱敏处理

Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj

@@ -20,10 +20,10 @@
 
   <ItemGroup>
     <PackageReference Include="Caching.CSRedis" Version="3.8.3" />
-    <PackageReference Include="Furion.Extras.Authentication.JwtBearer" Version="3.8.7" />
-    <PackageReference Include="Furion.Extras.Logging.Serilog" Version="3.8.7" />
-    <PackageReference Include="Furion.Extras.ObjectMapper.Mapster" Version="3.8.7" />
-    <PackageReference Include="Furion.Pure" Version="3.8.7" />
+    <PackageReference Include="Furion.Extras.Authentication.JwtBearer" Version="3.8.9" />
+    <PackageReference Include="Furion.Extras.Logging.Serilog" Version="3.8.9" />
+    <PackageReference Include="Furion.Extras.ObjectMapper.Mapster" Version="3.8.9" />
+    <PackageReference Include="Furion.Pure" Version="3.8.9" />
     <PackageReference Include="Magicodes.IE.Excel" Version="2.6.4" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="6.0.7" />
     <PackageReference Include="MySql.Data" Version="8.0.29" />
@@ -40,4 +40,8 @@
     <Folder Include="Service\File\" />
   </ItemGroup>
 
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\OpenSource\Furion\framework\Furion.Pure\Furion.Pure.csproj" />
+  </ItemGroup>
+
 </Project>

Admin.NET/Admin.NET.Core/Admin.NET.Core.xml

@@ -157,17 +157,22 @@
         </member>
         <member name="F:Admin.NET.Core.CommonConst.SysDemoEnv">
             <summary>
-            演示环境开关配置
+            演示环境开关
             </summary>
         </member>
-        <member name="F:Admin.NET.Core.CommonConst.SysCaptchaFlag">
+        <member name="F:Admin.NET.Core.CommonConst.SysCaptcha">
             <summary>
-            验证码开关配置
+            验证码开关
             </summary>
         </member>
-        <member name="F:Admin.NET.Core.CommonConst.SysOpLogFlag">
+        <member name="F:Admin.NET.Core.CommonConst.SysOpLog">
             <summary>
-            开启操作日志配置
+            开启操作日志
+            </summary>
+        </member>
+        <member name="F:Admin.NET.Core.CommonConst.SysSensitiveDetection">
+            <summary>
+            开启全局脱敏处理（默认不开启）
             </summary>
         </member>
         <member name="T:Admin.NET.Core.OrderStatus">
@@ -2782,14 +2787,19 @@
             <typeparam name="T"></typeparam>
             <returns></returns>
         </member>
+        <member name="T:Admin.NET.Core.ActionFilter">
+            <summary>
+            操作筛选器
+            </summary>
+        </member>
         <member name="T:Admin.NET.Core.LogExceptionHandler">
             <summary>
-            全局异常处理
+            全局异常处理器
             </summary>
         </member>
-        <member name="T:Admin.NET.Core.RequestActionFilter">
+        <member name="T:Admin.NET.Core.ResultFilter">
             <summary>
-            请求操作拦截
+            结果筛选器
             </summary>
         </member>
         <member name="T:Admin.NET.Core.ChatHub">

Admin.NET/Admin.NET.Core/Const/CommonConst.cs

@@ -16,17 +16,22 @@ public class CommonConst
     public const string SysAdminRoleCode = "sys_admin_role";
 
     /// <summary>
-    /// 演示环境开关配置
+    /// 演示环境开关
     /// </summary>
     public const string SysDemoEnv = "sys_demo_env";
 
     /// <summary>
-    /// 验证码开关配置
+    /// 验证码开关
     /// </summary>
-    public const string SysCaptchaFlag = "sys_captcha_flag";
+    public const string SysCaptcha = "sys_captcha";
 
     /// <summary>
-    /// 开启操作日志配置
+    /// 开启操作日志
     /// </summary>
-    public const string SysOpLogFlag = "sys_op_log";
+    public const string SysOpLog = "sys_op_log";
+
+    /// <summary>
+    /// 开启全局脱敏处理（默认不开启）
+    /// </summary>
+    public static bool SysSensitiveDetection = false;
 }

Admin.NET/Admin.NET.Core/Filter/RequestActionFilter.cs → Admin.NET/Admin.NET.Core/Filter/ActionFilter.cs

@@ -1,13 +1,13 @@
 namespace Admin.NET.Core;
 
 /// <summary>
-/// 请求操作拦截
+/// 操作筛选器
 /// </summary>
-public class RequestActionFilter : IAsyncActionFilter
+public class ActionFilter : IAsyncActionFilter
 {
     private readonly IEventPublisher _eventPublisher;
 
-    public RequestActionFilter(IEventPublisher eventPublisher)
+    public ActionFilter(IEventPublisher eventPublisher)
     {
         _eventPublisher = eventPublisher;
     }
@@ -22,8 +22,8 @@ public class RequestActionFilter : IAsyncActionFilter
         }
 
         // 是否开启操作日志
-        var value = await App.GetService<SysConfigService>().GetConfigCache(CommonConst.SysOpLogFlag);
-        if (string.IsNullOrWhiteSpace(value) || !bool.Parse(value))
+        var sysOpLog = await App.GetService<SysConfigService>().GetConfigCache(CommonConst.SysOpLog);
+        if (string.IsNullOrWhiteSpace(sysOpLog) || !bool.Parse(sysOpLog))
         {
             await next();
             return;

Admin.NET/Admin.NET.Core/Filter/LogExceptionHandler.cs

@@ -3,7 +3,7 @@
 namespace Admin.NET.Core;
 
 /// <summary>
-/// 全局异常处理
+/// 全局异常处理器
 /// </summary>
 public class LogExceptionHandler : IGlobalExceptionHandler, ISingleton
 {

Admin.NET/Admin.NET.Core/Filter/ResultFilter.cs

@@ -0,0 +1,35 @@
+namespace Admin.NET.Core;
+
+/// <summary>
+/// 结果筛选器
+/// </summary>
+public class ResultFilter : IAsyncResultFilter
+{
+    // 脱敏验证处理器
+    private readonly ISensitiveDetectionProvider _sensitiveDetectionProvider;
+
+    public ResultFilter(ISensitiveDetectionProvider sensitiveDetectionProvider)
+    {
+        _sensitiveDetectionProvider = sensitiveDetectionProvider;
+    }
+
+    public async Task OnResultExecutionAsync(ResultExecutingContext context, ResultExecutionDelegate next)
+    {
+        // 是否开启全局脱敏显示处理
+        if (CommonConst.SysSensitiveDetection)
+        {
+            var resStr = context.Result?.GetType() == typeof(JsonResult) ? JSON.Serialize(context.Result) : string.Empty;
+            if (!string.IsNullOrWhiteSpace(resStr))
+            {
+                resStr = await _sensitiveDetectionProvider.ReplaceAsync(resStr, '*');
+                // 强制替换结果
+                context.Result = new ContentResult
+                {
+                    Content = resStr
+                };
+            }
+        }
+
+        await next();
+    }
+}

Admin.NET/Admin.NET.Core/GlobalUsings.cs

@@ -11,6 +11,7 @@ global using Furion.EventBus;
 global using Furion.FriendlyException;
 global using Furion.JsonSerialization;
 global using Furion.RemoteRequest.Extensions;
+global using Furion.SensitiveDetection;
 global using Furion.TaskScheduler;
 global using Furion.UnifyResult;
 global using Furion.ViewEngine;

Admin.NET/Admin.NET.Core/SeedData/SysConfigSeedData.cs

@@ -16,7 +16,7 @@ public class SysConfigSeedData : ISqlSugarEntitySeedData<SysConfig>
             new SysConfig{ Id=252885263003800, Name="演示环境", Code="sys_demo_env", Value="False", SysFlag=YesNoEnum.Y, Remark="演示环境", Order=1, GroupCode="Default", CreateTime=DateTime.Parse("2022-02-10 00:00:00") },
             new SysConfig{ Id=252885263003801, Name="默认密码", Code="sys_default_password", Value="123456", SysFlag=YesNoEnum.Y, Remark="默认密码", Order=2, GroupCode="Default", CreateTime=DateTime.Parse("2022-02-10 00:00:00") },
             new SysConfig{ Id=252885263003802, Name="Token过期时间", Code="sys_token_expire", Value="10080", SysFlag=YesNoEnum.Y, Remark="Token过期时间", Order=3, GroupCode="Default", CreateTime=DateTime.Parse("2022-02-10 00:00:00") },
-            new SysConfig{ Id=252885263003803, Name="操作日志", Code="sys_op_log", Value="True", SysFlag=YesNoEnum.Y, Remark="开启操作日志", Order=4, GroupCode="Default", CreateTime=DateTime.Parse("2022-02-10 00:00:00") }
+            new SysConfig{ Id=252885263003803, Name="操作日志", Code="sys_op_log", Value="True", SysFlag=YesNoEnum.Y, Remark="开启操作日志", Order=4, GroupCode="Default", CreateTime=DateTime.Parse("2022-02-10 00:00:00") },
         };
     }
 }

Admin.NET/Admin.NET.Web.Core/Startup.cs

@@ -28,8 +28,11 @@ public class Startup : AppStartup
 
         services.AddTaskScheduler();
 
+        services.AddSensitiveDetection();
+
         services.AddControllersWithViews()
-            .AddMvcFilter<RequestActionFilter>()
+            .AddMvcFilter<ActionFilter>()
+            .AddMvcFilter<ResultFilter>()
             .AddNewtonsoftJson(options =>
             {
                 options.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver(); // 响应驼峰命名

Admin.NET/Admin.NET.Web.Entry/Admin.NET.Web.Entry.csproj

@@ -20,10 +20,15 @@
 
 	<ItemGroup>
 		<None Remove="Admin.NET.db" />
+		<None Remove="sensitive-words.txt" />
 		<None Remove="Test.db" />
 	</ItemGroup>
 
 	<ItemGroup>
+	  <EmbeddedResource Include="sensitive-words.txt" />
+	</ItemGroup>
+
+	<ItemGroup>
 		<ProjectReference Include="..\Admin.NET.Web.Core\Admin.NET.Web.Core.csproj" />
 	</ItemGroup>
 

Admin.NET/Admin.NET.Web.Entry/sensitive-words.txt

@@ -0,0 +1,4 @@
+装逼|草泥马|特么的|傻逼|你妈的|屌爆了|你妹|马勒戈壁|蛋疼|买了个表|妈蛋|日了狗
+吃翔
+装13
+屁民