feat(config): add sensitive word filtering system with database support
All checks were successful
Build Backend / build (push) Successful in 12m54s
Build Backend / build-docker (push) Successful in 1m41s

Implement sensitive word filtering feature with configurable database and Redis
support. Add security enhancements including WebSocket origin validation, improved
password strength requirements, timing attack prevention, and production JWT secret
validation. Add batch operation validation limits and optimize user blocking
queries with subqueries.

BREAKING CHANGE: Password validation now requires minimum 8 characters with uppercase,
lowercase, and digit (was 6-50 characters without complexity requirements)
This commit is contained in:
lafay
2026-04-07 00:07:40 +08:00
parent 6429322217
commit 98b8abd26a
20 changed files with 263 additions and 84 deletions

View File

@@ -37,6 +37,9 @@ var RepositorySet = wire.NewSet(
// 身份认证相关仓储
repository.NewVerificationRepository,
// 敏感词相关仓储
repository.NewSensitiveWordRepository,
)
// ProvideUserActivityRepository 提供用户活跃数据仓储

View File

@@ -60,6 +60,7 @@ var ServiceSet = wire.NewSet(
ProvideAdminReportService,
ProvideVerificationService,
ProvideAdminVerificationService,
ProvideSensitiveService,
// 日志服务
ProvideAsyncLogManager,
@@ -445,3 +446,20 @@ func ProvideAdminVerificationService(
) service.AdminVerificationService {
return service.NewAdminVerificationService(verificationRepo, userRepo)
}
// ProvideSensitiveService 提供敏感词服务
func ProvideSensitiveService(
sensitiveWordRepo repository.SensitiveWordRepository,
redisClient *redis.Client,
cfg *config.Config,
) service.SensitiveService {
sensitiveCfg := &service.SensitiveConfig{
Enabled: cfg.Sensitive.Enabled,
ReplaceStr: cfg.Sensitive.ReplaceStr,
MinMatchLen: cfg.Sensitive.MinMatchLen,
LoadFromDB: cfg.Sensitive.LoadFromDB,
LoadFromRedis: cfg.Sensitive.LoadFromRedis,
RedisKeyPrefix: cfg.Sensitive.RedisKeyPrefix,
}
return service.NewSensitiveService(sensitiveWordRepo, redisClient, sensitiveCfg)
}