From b4dceca92f4b77c50fe5168f98362d211e7f278f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=8D=E5=81=9A=E7=A0=81=E5=86=9C?= <599854767@qq.com> Date: Wed, 1 Jun 2022 17:25:41 +0800 Subject: [PATCH] =?UTF-8?q?=E8=BD=AC=E6=8D=A2=E6=96=87=E4=BB=B6=E7=BC=96?= =?UTF-8?q?=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ZR.Admin.WebApi/Dockerfile | 12 +++--- ZR.Admin.WebApi/Startup.cs | 62 +++++++++++++++--------------- ZR.Admin.WebApi/appsettings.json | 66 ++++++++++++++++---------------- 3 files changed, 70 insertions(+), 70 deletions(-) diff --git a/ZR.Admin.WebApi/Dockerfile b/ZR.Admin.WebApi/Dockerfile index 0f0f4be..d945070 100644 --- a/ZR.Admin.WebApi/Dockerfile +++ b/ZR.Admin.WebApi/Dockerfile @@ -1,21 +1,21 @@ FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base -# /appļ +#创建 /app文件夹 WORKDIR /app -#Ŀ¼,ڽڷ +#创建挂载目录,用于将程序部署在服务器本地 #VOLUME /app -#dockerⱩ¶˿ +#设置docker容器对外暴露端口 EXPOSE 8888 VOLUME /app/logs #COPY bin/Release/net5.0/publish/ app/ COPY . app/ -#ڵʱãĬʱDZ׼ʱȱʱ8Сʱ +#设置容器内的时区,如果不设置,默认时区是标准时间比北京时间晚8个小时 RUN echo "Asia/shanghai" > /etc/timezone RUN cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime -# ƷļĿ¼ +# 复制发布文件到工作目录 #COPY . app/ WORKDIR /app -#ȼ dotnet ZR.Admin.WebApi.dllָ˿Ĭdocker˿80˿ +#等价于 dotnet ZR.Admin.WebApi.dll,如果不指定启动端口默认在docker里面启动端口是80端口 ENTRYPOINT ["dotnet", "ZR.Admin.WebApi.dll", "--server.urls","http://*:8888"] \ No newline at end of file diff --git a/ZR.Admin.WebApi/Startup.cs b/ZR.Admin.WebApi/Startup.cs index abae759..d1263ef 100644 --- a/ZR.Admin.WebApi/Startup.cs +++ b/ZR.Admin.WebApi/Startup.cs @@ -33,39 +33,39 @@ namespace ZR.Admin.WebApi { string corsUrls = Configuration["corsUrls"]; - //ÿ + //配置跨域 services.AddCors(c => { c.AddPolicy("Policy", policy => { policy.WithOrigins(corsUrls.Split(',', StringSplitOptions.RemoveEmptyEntries)) - .AllowAnyHeader()//ͷ - .AllowCredentials()//cookie - .AllowAnyMethod();//ⷽ + .AllowAnyHeader()//允许任意头 + .AllowCredentials()//允许cookie + .AllowAnyMethod();//允许任意方法 }); }); - //עSignalRʵʱͨѶĬjson + //注入SignalR实时通讯,默认用json传输 services.AddSignalR(options => { - //ͻ˷󵽷Ĭ30룬ij4ӣҳconnection.keepAliveIntervalInMilliseconds = 12e4;2 + //客户端发保持连接请求到服务端最长间隔,默认30秒,改成4分钟,网页需跟着设置connection.keepAliveIntervalInMilliseconds = 12e4;即2分钟 //options.ClientTimeoutInterval = TimeSpan.FromMinutes(4); - //˷󵽿ͻ˼Ĭ15룬ij2ӣҳconnection.serverTimeoutInMilliseconds = 24e4;4 + //服务端发保持连接请求到客户端间隔,默认15秒,改成2分钟,网页需跟着设置connection.serverTimeoutInMilliseconds = 24e4;即4分钟 //options.KeepAliveInterval = TimeSpan.FromMinutes(2); }); - //Error unprotecting the session cookie + //消除Error unprotecting the session cookie警告 services.AddDataProtection() .PersistKeysToFileSystem(new DirectoryInfo(Directory.GetCurrentDirectory() + Path.DirectorySeparatorChar + "DataProtection")); - //֤ͨ + //普通验证码 services.AddHeiCaptcha(); services.AddIPRate(Configuration); services.AddSession(); services.AddMemoryCache(); services.AddHttpContextAccessor(); - //Model + //绑定整个对象到Model上 services.Configure(Configuration); - //jwt ֤ + //jwt 认证 services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; @@ -80,7 +80,7 @@ namespace ZR.Admin.WebApi services.AddMvc(options => { - options.Filters.Add(typeof(GlobalActionMonitor));//ȫע + options.Filters.Add(typeof(GlobalActionMonitor));//全局注册 }) .AddJsonOptions(options => { @@ -99,7 +99,7 @@ namespace ZR.Admin.WebApi app.UseDeveloperExceptionPage(); } app.UseSwagger(); - //ʹԶζȥbody + //使可以多次多去body内容 app.Use((context, next) => { context.Request.EnableBuffering(); @@ -109,33 +109,33 @@ namespace ZR.Admin.WebApi } return next(); }); - //ʾ̬ļ/wwwrootĿ¼ļҪUseRoutingǰ + //开启访问静态文件/wwwroot目录文件,要放在UseRouting前面 app.UseStaticFiles(); - //·ɷ + //开启路由访问 app.UseRouting(); - app.UseCors("Policy");//Ҫapp.UseEndpointsǰ + app.UseCors("Policy");//要放在app.UseEndpoints前。 - //app.UseAuthenticationAuthenticationммݵǰHttpеCookieϢHttpContext.Userԣõ - //ֻapp.UseAuthentication֮עмܹHttpContext.Userжȡֵ - //ҲΪʲôǿapp.UseAuthenticationһҪapp.UseMvcǰ棬ΪֻASP.NET CoreMVCмвܶȡHttpContext.Userֵ - //1.ȿ֤ + //app.UseAuthentication会启用Authentication中间件,该中间件会根据当前Http请求中的Cookie信息来设置HttpContext.User属性(后面会用到), + //所以只有在app.UseAuthentication方法之后注册的中间件才能够从HttpContext.User中读取到值, + //这也是为什么上面强调app.UseAuthentication方法一定要放在下面的app.UseMvc方法前面,因为只有这样ASP.NET Core的MVC中间件中才能读取到HttpContext.User的值。 + //1.先开启认证 app.UseAuthentication(); - //2.ٿȨ + //2.再开启授权 app.UseAuthorization(); - //session + //开启session //app.UseSession(); - // + //开启缓存 app.UseResponseCaching(); - //ָ/ + //恢复/启动任务 app.UseAddTaskSchedulers(); - //ʹȫ쳣м + //使用全局异常中间件 app.UseMiddleware(); - //ÿͻIP + //启用客户端IP限制速率 app.UseIpRateLimiting(); app.UseEndpoints(endpoints => { - //socket + //设置socket连接 endpoints.MapHub("/msgHub"); endpoints.MapControllerRoute( @@ -145,7 +145,7 @@ namespace ZR.Admin.WebApi } /// - /// עServices + /// 注册Services服务 /// /// /// @@ -153,12 +153,12 @@ namespace ZR.Admin.WebApi { services.AddAppService(); services.AddSingleton(new AppSettings(configuration)); - //ƻ + //开启计划任务 services.AddTaskSchedulers(); - //ʼdb + //初始化db DbExtension.AddDb(configuration); - //עREDIS + //注册REDIS 服务 Task.Run(() => { //RedisServer.Initalize(); diff --git a/ZR.Admin.WebApi/appsettings.json b/ZR.Admin.WebApi/appsettings.json index d3b2d1e..20fecc6 100644 --- a/ZR.Admin.WebApi/appsettings.json +++ b/ZR.Admin.WebApi/appsettings.json @@ -7,97 +7,97 @@ } }, "ConnectionStrings": { - "conn_db": "Data Source=LAPTOP-STKF2M8H\\SQLEXPRESS;User ID=sa;Password=zradmin123;Initial Catalog=ZrAdmin;Integrated Security=SSPI", //ַ뿴ٷĵ - "conn_db_type": "1" //ݿ MySql = 0, SqlServer = 1 + "conn_db": "Data Source=LAPTOP-STKF2M8H\\SQLEXPRESS;User ID=sa;Password=zradmin123;Initial Catalog=ZrAdmin;Integrated Security=SSPI", //其他连接字符串请看官方文档 + "conn_db_type": "1" //数据库类型 MySql = 0, SqlServer = 1 }, - "urls": "http://localhost:8888", //ĿurlĶ˿ǰ˶ӦdevServerҲҪ޸ - "corsUrls": "http://localhost:8887", //ַǰĿǰ˷뵥Ҫã"," + "urls": "http://localhost:8888", //项目启动url,如果改动端口前端对应devServer也需要进行修改 + "corsUrls": "http://localhost:8887", //跨域地址(前端启动项目,前后端分离单独部署需要设置),多个用","隔开 "JwtSettings": { "Issuer": "ZRAdmin.NET", "Audience": "ZRAdmin.NET", "SecretKey": "SecretKey-ZRADMIN.NET-20210101", - "Expire": 1440 //jwt¼ʱ䣨֣ + "Expire": 1440 //jwt登录过期时间(分) }, - "DemoMode": false, //Ƿʾģʽ + "DemoMode": false, //是否演示模式 "Upload": { "UploadUrl": "http://localhost:8888", - "localSavePath": "" //ϴļ洢Ŀ¼/home/website/uploads + "localSavePath": "" //本地上传文件存储目录/home/website/uploads }, - //ƴ洢 + //阿里云存储配置 "ALIYUN_OSS": { "REGIONID": "cn-hangzhou", "KEY": "XX", "SECRET": "XX", "bucketName": "bucketName", - "domainUrl": "http://xxx.xxx.com" //Դ + "domainUrl": "http://xxx.xxx.com" //访问资源域名 }, "gen": { "conn": "Data Source=LAPTOP-STKF2M8H\\SQLEXPRESS;User ID=sa;Password=zradmin123;Initial Catalog=ZrAdmin;Integrated Security=SSPI", "dbType": 1, //MySql = 0, SqlServer = 1 - "autoPre": true, //Զȥǰ׺ + "autoPre": true, //自动去除表前缀 "author": "admin", - "tablePrefix": "sys_", //"ǰ׺ǰ׺öŷָ", - "vuePath": "" //ǰ˴洢·egD:\Work\ZRAdmin-Vue3 + "tablePrefix": "sys_", //"表前缀(生成类名不会包含表前缀,多个用逗号分隔)", + "vuePath": "" //前端代码存储路径eg:D:\Work\ZRAdmin-Vue3 }, - //Ϣ + //邮箱配置信息 "MailOptions": { - // - "From": "", //egxxxx@qq.com - // + //发送人邮箱 + "From": "", //eg:xxxx@qq.com + //发送人邮箱密码 "Password": "123456", - //Э + //协议 "Smtp": "smtp.qq.com", "Port": 587 }, - //redis + //redis服务配置 "RedisServer": { "Cache": "127.0.0.1:6379,defaultDatabase=0,poolsize=50,ssl=false,writeBuffer=10240,prefix=cache:", "Session": "127.0.0.1:6379,defaultDatabase=0,poolsize=50,ssl=false,writeBuffer=10240,prefix=session:" }, - //ӿ + //接口请求限制 "IpRateLimiting": { - //5ÿӷFalseʱĿÿӿڶĸӿڣֻҪһۼƹ5Σֹʡ - //Trueһ5GetDataӿڣýӿڽʱڽֹʣǻԷPostData()5,ܵ˵ÿӿڶ5һӣš + //例如设置了5次每分钟访问限流。当False时:项目中每个接口都加入计数,不管你访问哪个接口,只要在一分钟内累计够5次,将禁止访问。 + //True:当一分钟请求了5次GetData接口,则该接口将在时间段内禁止访问,但是还可以访问PostData()5次,总得来说是每个接口都有5次在这一分钟,互不干扰。 "EnableEndpointRateLimiting": true, - //falseܾAPIòӵô; ͻÿ뷢3ÿһõƣÿӻÿƽ¼һãɹAPIáϣܾAPIüʱʾӣСʱȣ - //StackBlockedRequestsΪtrue + //false,拒绝的API调用不会添加到调用次数计数器上;如 客户端每秒发出3个请求并且您设置了每秒一个调用的限制,则每分钟或每天计数器等其他限制将仅记录第一个调用,即成功的API调用。如果您希望被拒绝的API调用计入其他时间的显示(分钟,小时等) + //,则必须设置StackBlockedRequests为true。 "StackBlockedRequests": false, "RealIpHeader": "X-Real-IP", - //ȡĿͻID˱ͷдڿͻIDClientWhitelistֵָƥ䣬Ӧơ + //取白名单的客户端ID。如果此标头中存在客户端ID并且与ClientWhitelist中指定的值匹配,则不应用速率限制。 "ClientIdHeader": "X-ClientId", "HttpStatusCode": 429, - //˵ + //端点白名单 "EndpointWhitelist": [ "post:/system/dict/data/types", "*:/msghub/negotiate", "*:/LogOut" ], - //ͻ˰ + //客户端白名单 //"ClientWhitelist": [ "dev-id-1", "dev-id-2" ], "QuotaExceededResponse": { - "Content": "{{\"code\":429,\"msg\":\"ʹƵԺ\"}}", + "Content": "{{\"code\":429,\"msg\":\"访问过于频繁,请稍后重试\"}}", "ContentType": "application/json", "StatusCode": 429 }, - //ͨùapi,βһҪ* + //通用规则,api规则,结尾一定要带* "GeneralRules": [ { "Endpoint": "*:/captchaImage", - //ʱΣʽ{}{λ}ʹõλs, m, h, d + //时间段,格式:{数字}{单位};可使用单位:s, m, h, d "Period": "3s", "Limit": 5 }, { "Endpoint": "post:*", - //ʱΣʽ{}{λ}ʹõλs, m, h, d + //时间段,格式:{数字}{单位};可使用单位:s, m, h, d "Period": "3s", "Limit": 1 }, { "Endpoint": "put:*", - //ʱΣʽ{}{λ}ʹõλs, m, h, d + //时间段,格式:{数字}{单位};可使用单位:s, m, h, d "Period": "3s", "Limit": 1 } //{ // "Endpoint": "*", - // //ʱΣʽ{}{λ}ʹõλs, m, h, d + // //时间段,格式:{数字}{单位};可使用单位:s, m, h, d // "Period": "1s", // "Limit": 2 //} @@ -118,7 +118,7 @@ //} ], "IpRateLimitPolicies": { - //ip + //ip规则 "IpRules": [ ] }