|
|
@ -11,8 +11,11 @@ |
|
|
### 数据库配置 |
|
|
### 数据库配置 |
|
|
```json |
|
|
```json |
|
|
{ |
|
|
{ |
|
|
"ConnectionStrings": { |
|
|
"DatabaseOptions": { |
|
|
"DefaultConnection": "Server=localhost;Database=CellularManagement;Trusted_Connection=True;MultipleActiveResultSets=true" |
|
|
"DefaultConnection": "Host=localhost;Port=5432;Database=cellularmanagement;Username=postgres;Password=your-password", |
|
|
|
|
|
"CommandTimeout": 30, |
|
|
|
|
|
"EnableDetailedErrors": true, |
|
|
|
|
|
"EnableSensitiveDataLogging": true |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
``` |
|
|
``` |
|
|
@ -20,34 +23,44 @@ |
|
|
### JWT配置 |
|
|
### JWT配置 |
|
|
```json |
|
|
```json |
|
|
{ |
|
|
{ |
|
|
"JwtSettings": { |
|
|
"JwtOptions": { |
|
|
"SecretKey": "your-secret-key", |
|
|
"SecretKey": "your-512-bit-secret-key", |
|
|
"Issuer": "CellularManagement", |
|
|
"Issuer": "CellularManagement", |
|
|
"Audience": "CellularManagement", |
|
|
"Audience": "CellularManagement.WebAPI", |
|
|
"ExpiryInMinutes": 60 |
|
|
"ExpiryMinutes": 15, |
|
|
|
|
|
"RefreshTokenExpiryDays": 7, |
|
|
|
|
|
"ClockSkewMinutes": 5, |
|
|
|
|
|
"RequireHttpsMetadata": true, |
|
|
|
|
|
"SaveToken": false, |
|
|
|
|
|
"ValidateIssuer": true, |
|
|
|
|
|
"ValidateAudience": true, |
|
|
|
|
|
"ValidateLifetime": true, |
|
|
|
|
|
"KeyRotationDays": 30, |
|
|
|
|
|
"MinKeyLength": 64 |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
``` |
|
|
``` |
|
|
|
|
|
|
|
|
### WebSocket配置 |
|
|
### 认证配置 |
|
|
```json |
|
|
```json |
|
|
{ |
|
|
{ |
|
|
"WebSocketSettings": { |
|
|
"Auth": { |
|
|
"Path": "/ws", |
|
|
"MaxLoginAttempts": 5, |
|
|
"KeepAliveInterval": 120, |
|
|
"LoginAttemptsWindowMinutes": 15, |
|
|
"ReceiveBufferSize": 4096, |
|
|
"LoginAttemptsCacheKeyFormat": "LoginAttempts_{0}", |
|
|
"MaxConnections": 1000, |
|
|
"DefaultUserRole": "User", |
|
|
"EnableCompression": true |
|
|
"AccessTokenExpirationMinutes": 60, |
|
|
|
|
|
"RefreshTokenExpirationDays": 7 |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
``` |
|
|
``` |
|
|
|
|
|
|
|
|
### 缓存配置 |
|
|
### WebSocket配置 |
|
|
```json |
|
|
```json |
|
|
{ |
|
|
{ |
|
|
"CacheSettings": { |
|
|
"WebSocket": { |
|
|
"SlidingExpiration": 30, |
|
|
"Port": 5202, |
|
|
"AbsoluteExpiration": 60 |
|
|
"Path": "/ws" |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
``` |
|
|
``` |
|
|
@ -58,20 +71,28 @@ |
|
|
"Logging": { |
|
|
"Logging": { |
|
|
"LogLevel": { |
|
|
"LogLevel": { |
|
|
"Default": "Information", |
|
|
"Default": "Information", |
|
|
"Microsoft": "Warning", |
|
|
"Microsoft.AspNetCore": "Warning" |
|
|
"Microsoft.Hosting.Lifetime": "Information" |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
``` |
|
|
``` |
|
|
|
|
|
|
|
|
|
|
|
### 其他配置 |
|
|
|
|
|
```json |
|
|
|
|
|
{ |
|
|
|
|
|
"AllowedHosts": "*" |
|
|
|
|
|
} |
|
|
|
|
|
``` |
|
|
|
|
|
|
|
|
## 环境变量配置 |
|
|
## 环境变量配置 |
|
|
以下环境变量可以在不同环境中覆盖配置文件中的设置: |
|
|
以下环境变量可以在不同环境中覆盖配置文件中的设置: |
|
|
|
|
|
|
|
|
- `ASPNETCORE_ENVIRONMENT` - 设置运行环境(Development/Production) |
|
|
- `ASPNETCORE_ENVIRONMENT` - 设置运行环境(Development/Production) |
|
|
- `ConnectionStrings__DefaultConnection` - 数据库连接字符串 |
|
|
- `DatabaseOptions__DefaultConnection` - 数据库连接字符串 |
|
|
- `JwtSettings__SecretKey` - JWT密钥 |
|
|
- `JwtOptions__SecretKey` - JWT密钥 |
|
|
- `WebSocketSettings__MaxConnections` - WebSocket最大连接数 |
|
|
- `JwtOptions__ExpiryMinutes` - JWT过期时间(分钟) |
|
|
|
|
|
- `Auth__MaxLoginAttempts` - 最大登录尝试次数 |
|
|
|
|
|
- `WebSocket__Port` - WebSocket端口号 |
|
|
|
|
|
|
|
|
## 配置优先级 |
|
|
## 配置优先级 |
|
|
1. 环境变量 |
|
|
1. 环境变量 |
|
|
@ -82,4 +103,7 @@ |
|
|
## 安全注意事项 |
|
|
## 安全注意事项 |
|
|
1. 生产环境中不要将敏感信息(如密钥、连接字符串)直接写入配置文件 |
|
|
1. 生产环境中不要将敏感信息(如密钥、连接字符串)直接写入配置文件 |
|
|
2. 使用环境变量或安全的密钥管理服务来存储敏感信息 |
|
|
2. 使用环境变量或安全的密钥管理服务来存储敏感信息 |
|
|
3. 确保配置文件不会被提交到版本控制系统 |
|
|
3. 确保配置文件不会被提交到版本控制系统 |
|
|
|
|
|
4. 在开发环境中启用 `EnableDetailedErrors` 和 `EnableSensitiveDataLogging`,但在生产环境中应禁用 |
|
|
|
|
|
5. 确保 JWT 密钥长度至少为 64 个字符 |
|
|
|
|
|
6. 定期轮换 JWT 密钥(建议每 30 天) |
hyh
8 months ago