feat(config): add sensitive word filtering system with database support
Implement sensitive word filtering feature with configurable database and Redis support. Add security enhancements including WebSocket origin validation, improved password strength requirements, timing attack prevention, and production JWT secret validation. Add batch operation validation limits and optimize user blocking queries with subqueries. BREAKING CHANGE: Password validation now requires minimum 8 characters with uppercase, lowercase, and digit (was 6-50 characters without complexity requirements)
This commit is contained in:
@@ -24,10 +24,57 @@ func ValidateUsername(username string) bool {
|
||||
|
||||
// ValidatePassword 验证密码强度
|
||||
func ValidatePassword(password string) bool {
|
||||
if len(password) < 6 || len(password) > 50 {
|
||||
if len(password) < 8 || len(password) > 50 {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
|
||||
var hasUpper, hasLower, hasDigit bool
|
||||
for _, c := range password {
|
||||
switch {
|
||||
case 'A' <= c && c <= 'Z':
|
||||
hasUpper = true
|
||||
case 'a' <= c && c <= 'z':
|
||||
hasLower = true
|
||||
case '0' <= c && c <= '9':
|
||||
hasDigit = true
|
||||
}
|
||||
}
|
||||
|
||||
return hasUpper && hasLower && hasDigit
|
||||
}
|
||||
|
||||
// ValidatePasswordWithDetail 验证密码强度并返回详细信息
|
||||
func ValidatePasswordWithDetail(password string) (bool, string) {
|
||||
if len(password) < 8 {
|
||||
return false, "密码长度至少8位"
|
||||
}
|
||||
if len(password) > 50 {
|
||||
return false, "密码长度不能超过50位"
|
||||
}
|
||||
|
||||
var hasUpper, hasLower, hasDigit bool
|
||||
for _, c := range password {
|
||||
switch {
|
||||
case 'A' <= c && c <= 'Z':
|
||||
hasUpper = true
|
||||
case 'a' <= c && c <= 'z':
|
||||
hasLower = true
|
||||
case '0' <= c && c <= '9':
|
||||
hasDigit = true
|
||||
}
|
||||
}
|
||||
|
||||
if !hasUpper {
|
||||
return false, "密码必须包含大写字母"
|
||||
}
|
||||
if !hasLower {
|
||||
return false, "密码必须包含小写字母"
|
||||
}
|
||||
if !hasDigit {
|
||||
return false, "密码必须包含数字"
|
||||
}
|
||||
|
||||
return true, ""
|
||||
}
|
||||
|
||||
// ValidatePhone 验证手机号
|
||||
@@ -37,10 +84,13 @@ func ValidatePhone(phone string) bool {
|
||||
return matched
|
||||
}
|
||||
|
||||
// SanitizeHTML 清理HTML
|
||||
// SanitizeHTML 清理HTML,防止XSS攻击
|
||||
func SanitizeHTML(input string) string {
|
||||
// 简单实现,实际使用建议用专门库
|
||||
input = strings.ReplaceAll(input, "<", "<")
|
||||
input = strings.ReplaceAll(input, ">", ">")
|
||||
input = strings.ReplaceAll(input, "&", "&")
|
||||
input = strings.ReplaceAll(input, "<", "<")
|
||||
input = strings.ReplaceAll(input, ">", ">")
|
||||
input = strings.ReplaceAll(input, "\"", """)
|
||||
input = strings.ReplaceAll(input, "'", "'")
|
||||
input = strings.ReplaceAll(input, "/", "/")
|
||||
return input
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user