fix(security): security audit fixes for API vulnerabilities
All checks were successful
Build Backend / build (push) Successful in 4m47s
Build Backend / build-docker (push) Successful in 2m22s

Security fixes:
- Fix sensitive data exposure: UserResponse no longer contains email/phone
- Add UserSelfResponse for authenticated user's own data
- Protect Gorse endpoints with admin role requirement
- Add rate limiting (10 req/min) to auth endpoints
- Fix CORS configuration to use allowed origins list
- Add pagination parameter validation (max 100 per page)

Changes:
- dto/dto.go: Add UserSelfResponse type
- dto/user_converter.go: Add ConvertUserToSelfResponse
- handler/user_handler.go: Use secure response types
- middleware/cors.go: Implement origin whitelist
- middleware/ratelimit.go: Enhance rate limiter
- router/router.go: Add auth rate limit, protect Gorse
- service/admin_*.go: Use ConvertUserToResponse
This commit is contained in:
lafay
2026-03-19 13:49:51 +08:00
parent d387cc493e
commit b0f209fdf8
13 changed files with 221 additions and 162 deletions

View File

@@ -113,8 +113,9 @@ func (r *Router) setupRoutes() {
// API v1
v1 := r.engine.Group("/api/v1")
{
// 认证路由(公开)
// 认证路由(公开,需要速率限制
auth := v1.Group("/auth")
auth.Use(middleware.RateLimit(10)) // 每分钟最多10次请求
{
auth.POST("/register", r.userHandler.Register)
auth.POST("/register/send-code", r.userHandler.SendRegisterCode)
@@ -385,9 +386,11 @@ func (r *Router) setupRoutes() {
}
}
// Gorse 管理路由
// Gorse 管理路由(需要管理员权限)
if r.gorseHandler != nil {
gorseGroup := v1.Group("/gorse")
gorseGroup.Use(authMiddleware)
gorseGroup.Use(middleware.RequireRole(r.casbinService, model.RoleAdmin, model.RoleSuperAdmin))
{
gorseGroup.GET("/status", r.gorseHandler.GetStatus)
gorseGroup.POST("/import", r.gorseHandler.ImportData)