yanghaodong
/
xin_ao_da_tong_shui
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

高位漏洞修改

Browse Source
main
zhangshengli 6 months ago
parent 2a1078a9ae
commit bce113666c
14 changed files with 388 additions and 135 deletions
Show Stats Download Patch File Download Diff File

2
XinAoDTS/fuintAdmin/.env.development
Unescape Escape View File

@ -11,4 +11,4 @@ VUE_APP_BASE_API = '/dev-api'
VUE_APP_PUBLIC_PATH = '/'
# 后端接口地址
VUE_APP_SERVER_URL = 'http://localhost:8080/'
VUE_APP_SERVER_URL = 'http://localhost:8081/'

6
XinAoDTS/fuintAdmin/.env.production
Unescape Escape View File

@ -1,5 +1,5 @@
# 页面标题
VUE_APP_TITLE = fuint会员营销管理系统
VUE_APP_TITLE = 大桶水管理系统
# 生产环境配置
ENV = 'production'
@ -8,8 +8,8 @@ ENV = 'production'
VUE_APP_BASE_API = '/fuint-application/'
# 发布目录
VUE_APP_PUBLIC_PATH = '/fuintAdmin/'
VUE_APP_PUBLIC_PATH = '/'
# 后端接口地址
VUE_APP_SERVER_URL = 'https://www.huamar.com/fuint-application/'
VUE_APP_SERVER_URL = 'http://localhost:8081/'

2
XinAoDTS/fuintAdmin/vue.config.js
Unescape Escape View File

@ -7,7 +7,7 @@ function resolve(dir) {
const CompressionPlugin = require('compression-webpack-plugin')
const name = process.env.VUE_APP_TITLE || 'fuint会员营销管理系统' // 网页标题
const name = process.env.VUE_APP_TITLE || '大桶水管理系统' // 网页标题
const port = process.env.port || process.env.npm_config_port || 81 // 端口

5
XinAoDTS/fuintBackend/fuint-application/pom.xml
Unescape Escape View File

@ -77,6 +77,11 @@
<artifactId>mybatis-plus</artifactId>
<version>${mybatis-plus.version}</version>
</dependency>
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk8</artifactId>
<version>1.9.24</version>
</dependency>
<dependency>
<groupId>com.github.pagehelper</groupId>

6
XinAoDTS/fuintBackend/fuint-application/src/main/java/com/fuint/common/config/SecurityConfig.java
Unescape Escape View File

@ -71,10 +71,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
"/**/*.js",
"/profile/**"
).permitAll()
.antMatchers("/swagger-ui.html").anonymous()
.antMatchers("/swagger-resources/**").anonymous()
// .antMatchers("/swagger-ui.html").anonymous()
// .antMatchers("/swagger-resources/**").anonymous()
.antMatchers("/webjars/**").anonymous()
.antMatchers("/*/api-docs").anonymous()
// .antMatchers("/*/api-docs").anonymous()
.antMatchers("/druid/**").anonymous()
// 除上面外的所有请求全部需要鉴权认证
.anyRequest().authenticated()

109
XinAoDTS/fuintBackend/fuint-application/src/main/java/com/fuint/common/filter/MyRequestWrapper.java
Unescape Escape View File

@ -0,0 +1,109 @@
package com.fuint.common.filter;
import com.alipay.api.internal.util.file.Charsets;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.*;
import java.util.Enumeration;
import java.util.Map;
/**
* <p> @Title MyRequestWrapper
* <p> @Description POST
*
* @author zhj
* @date 2021/10/28 9:52
*/
public class MyRequestWrapper extends HttpServletRequestWrapper {
private String body;
public MyRequestWrapper(HttpServletRequest request) throws IOException {
super(request);
StringBuilder stringBuilder = new StringBuilder();
BufferedReader bufferedReader = null;
try {
InputStream inputStream = request.getInputStream();
if (inputStream != null) {
bufferedReader = new BufferedReader(new InputStreamReader(inputStream,"UTF-8"));
char[] charBuffer = new char[128];
int bytesRead = -1;
while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
stringBuilder.append(charBuffer, 0, bytesRead);
}
} else {
stringBuilder.append("");
}
} catch (IOException ex) {
throw ex;
} finally {
if (bufferedReader != null) {
try {
bufferedReader.close();
} catch (IOException ex) {
throw ex;
}
}
}
body = stringBuilder.toString();
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes("UTF-8"));
ServletInputStream servletInputStream = new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() {
return byteArrayInputStream.read();
}
};
return servletInputStream;
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(this.getInputStream(), Charsets.UTF_8));
}
public String getBody() {
return this.body;
}
@Override
public String getParameter(String name) {
return super.getParameter(name);
}
@Override
public Map<String, String[]> getParameterMap() {
return super.getParameterMap();
}
@Override
public Enumeration<String> getParameterNames() {
return super.getParameterNames();
}
@Override
public String[] getParameterValues(String name) {
return super.getParameterValues(name);
}
}

101
XinAoDTS/fuintBackend/fuint-application/src/main/java/com/fuint/common/filter/SpecialCharFilter.java
Unescape Escape View File

@ -0,0 +1,101 @@
package com.fuint.common.filter;
import cn.hutool.core.util.ObjectUtil;
import com.alibaba.fastjson2.JSONObject;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fuint.framework.exception.BusinessRuntimeException;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.multipart.support.StandardServletMultipartResolver;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.stream.Collectors;
@WebFilter(filterName = "CharsetFilter",urlPatterns = "/*")
public class SpecialCharFilter implements Filter {
private static final String SQL_REGX = "[\\\\^$*+?{}()=&;%+\\[\\].|]";
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException, IOException {
HttpServletRequest req = (HttpServletRequest) servletRequest;
// 防止流读取一次后就没有了, 所以需要将流继续写出去
MyRequestWrapper requestWrapper = new MyRequestWrapper(req);
// 获取请求参数
Map<String, Object> paramsMaps = new TreeMap<>();
if ("POST".equals(req.getMethod().toUpperCase())) {
String body = requestWrapper.getBody();
paramsMaps = JSONObject.parseObject(body, TreeMap.class);
} else {
Map<String, String[]> parameterMap = requestWrapper.getParameterMap();
Set<Map.Entry<String, String[]>> entries = parameterMap.entrySet();
for (Map.Entry<String, String[]> next : entries) {
paramsMaps.put(next.getKey(), next.getValue()[0]);
}
}
// 校验SQL注入
if (ObjectUtil.isNotEmpty(paramsMaps)) {
for (Object o : paramsMaps.entrySet()) {
Map.Entry entry = (Map.Entry) o;
Object value = entry.getValue();
if (value != null) {
boolean isValid = checkSqlInject(value.toString(), servletResponse);
if (!isValid) {
return;
}
}
}
}
chain.doFilter(requestWrapper, servletResponse);
}
//获取request请求body中参数
public static String getBodyString(BufferedReader br) {
String inputLine;
String str = "";
try {
while ((inputLine = br.readLine()) != null) {
str += inputLine;
}
br.close();
} catch (IOException e) {
System.out.println("IOException: " + e);
}
return str;
}
/**
* SQL
*
* @param value
* @param servletResponse
* @throws IOException IO
*/
private boolean checkSqlInject(String value, ServletResponse servletResponse) throws IOException {
if (null != value) {
String output = value.replaceAll(SQL_REGX, "");
if (output.length()<value.length()) {
return false;
}
}
return true;
}
}

99
XinAoDTS/fuintBackend/fuint-application/src/main/java/com/fuint/common/service/impl/AccountServiceImpl.java
Unescape Escape View File

@ -1,5 +1,6 @@
package com.fuint.common.service.impl;
import cn.hutool.core.util.ObjectUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
@ -10,6 +11,7 @@ import com.fuint.common.service.AccountService;
import com.fuint.common.service.CaptchaService;
import com.fuint.common.service.StaffService;
import com.fuint.common.service.StoreService;
import com.fuint.common.util.RedisUtil;
import com.fuint.common.util.TokenUtil;
import com.fuint.framework.annoation.OperationServiceLog;
import com.fuint.framework.exception.BusinessCheckException;
@ -32,11 +34,12 @@ import org.springframework.data.domain.PageImpl;
import org.springframework.data.domain.PageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.*;
/**
*
*
* <p>
* Created by FSQ
* CopyRight https://www.huamar.com
*/
@ -61,12 +64,12 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
/**
*
* */
*/
private StoreService storeService;
/**
*
* */
*/
private CaptchaService captchaService;
/**
@ -107,20 +110,20 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
List<AccountDto> dataList = new ArrayList<>();
for (TAccount tAccount : accountList) {
AccountDto accountDto = new AccountDto();
BeanUtils.copyProperties(tAccount, accountDto);
accountDto.setId(tAccount.getAcctId());
MtMerchant mtMerchant = mtMerchantMapper.selectById(tAccount.getMerchantId());
if (mtMerchant != null) {
accountDto.setMerchantName(mtMerchant.getName());
}
MtStore mtStore = mtStoreMapper.selectById(tAccount.getStoreId());
if (mtStore != null) {
accountDto.setStoreName(mtStore.getName());
}
accountDto.setSalt(null);
accountDto.setPassword(null);
dataList.add(accountDto);
AccountDto accountDto = new AccountDto();
BeanUtils.copyProperties(tAccount, accountDto);
accountDto.setId(tAccount.getAcctId());
MtMerchant mtMerchant = mtMerchantMapper.selectById(tAccount.getMerchantId());
if (mtMerchant != null) {
accountDto.setMerchantName(mtMerchant.getName());
}
MtStore mtStore = mtStoreMapper.selectById(tAccount.getStoreId());
if (mtStore != null) {
accountDto.setStoreName(mtStore.getName());
}
accountDto.setSalt(null);
accountDto.setPassword(null);
dataList.add(accountDto);
}
PageRequest pageRequest = PageRequest.of(paginationRequest.getCurrentPage(), paginationRequest.getPageSize());
@ -138,7 +141,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
*
* @param userName
* @return
* */
*/
@Override
public AccountInfo getAccountByName(String userName) {
Map<String, Object> param = new HashMap();
@ -178,7 +181,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
*
* @param userId ID
* @return
* */
*/
@Override
public TAccount getAccountInfoById(Integer userId) {
TAccount tAccount = tAccountMapper.selectById(userId);
@ -190,7 +193,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
*
* @param tAccount
* @return
* */
*/
@Override
@OperationServiceLog(description = "新增后台账户")
public TAccount createAccountInfo(TAccount tAccount, List<TDuty> duties) throws BusinessCheckException {
@ -220,14 +223,14 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
if (id > 0 && duties != null && duties.size() > 0) {
for (TDuty tDuty : duties) {
TAccountDuty tAccountDuty = new TAccountDuty();
tAccountDuty.setDutyId(tDuty.getDutyId());
tAccountDuty.setAcctId(account.getAcctId());
tAccountDutyMapper.insert(tAccountDuty);
TAccountDuty tAccountDuty = new TAccountDuty();
tAccountDuty.setDutyId(tDuty.getDutyId());
tAccountDuty.setAcctId(account.getAcctId());
tAccountDutyMapper.insert(tAccountDuty);
}
}
if (id > 0 ) {
if (id > 0) {
return this.getAccountInfoById(id);
} else {
throw new BusinessRuntimeException("创建账号错误");
@ -239,7 +242,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
*
* @param accountId
* @return
* */
*/
@Override
public List<Long> getRoleIdsByAccountId(Integer accountId) {
List<Long> roleIds = tDutyMapper.getRoleIdsByAccountId(accountId);
@ -249,7 +252,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
/**
*
*
* @param tAccount
* @param tAccount
* @throws BusinessCheckException
*/
@Override
@ -265,10 +268,10 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
if (tAccount.getAcctId() != null && tAccount.getAcctId() > 0) {
tAccountDutyMapper.deleteDutiesByAccountId(tAccount.getAcctId());
for (TDuty tDuty : duties) {
TAccountDuty tAccountDuty = new TAccountDuty();
tAccountDuty.setDutyId(tDuty.getDutyId());
tAccountDuty.setAcctId(tAccount.getAcctId());
tAccountDutyMapper.insert(tAccountDuty);
TAccountDuty tAccountDuty = new TAccountDuty();
tAccountDuty.setDutyId(tDuty.getDutyId());
tAccountDuty.setAcctId(tAccount.getAcctId());
tAccountDutyMapper.insert(tAccountDuty);
}
}
}
@ -284,7 +287,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
/**
* ID
*
* @param accountId
* @param accountId
* @return ID
*/
@Override
@ -309,7 +312,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
*
* @param accountId ID
* @return
* */
*/
@Override
@Transactional(rollbackFor = Exception.class)
@OperationServiceLog(description = "删除后台账户")
@ -340,7 +343,7 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
* @param password
* @param salt
* @return
* */
*/
@Override
public String getEntryptPassword(String password, String salt) {
byte[] salt1 = Encodes.decodeHex(salt);
@ -352,23 +355,29 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
*
*
* @param loginRequest
* @param userAgent
* @param userAgent
* @return
* */
*/
@Override
@OperationServiceLog(description = "登录后台系统")
public LoginResponse doLogin(LoginRequest loginRequest, String userAgent) throws BusinessCheckException {
String accountName = loginRequest.getUsername();
String password = loginRequest.getPassword();
String captchaCode = loginRequest.getCaptchaCode();
String uuid = loginRequest.getUuid();
RedisUtil.remove("error" + accountName);
Object o = RedisUtil.get("error" + accountName);
if (ObjectUtil.isNotEmpty(o)){
int i = Integer.parseInt(o.toString());
throw new BusinessCheckException("登录账号或密码有误次数过多请"+(i*15)+"分钟后再试");
}
Boolean captchaVerify = captchaService.checkCodeByUuid(captchaCode, uuid);
if (!captchaVerify) {
throw new BusinessCheckException("图形验证码有误");
}
if (StringUtil.isEmpty(accountName)|| StringUtil.isEmpty(password) || StringUtil.isEmpty(captchaCode)) {
if (StringUtil.isEmpty(accountName) || StringUtil.isEmpty(password) || StringUtil.isEmpty(captchaCode)) {
throw new BusinessCheckException("登录参数有误");
} else {
AccountInfo accountInfo = getAccountByName(loginRequest.getUsername());
@ -380,9 +389,21 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
String myPassword = tAccount.getPassword();
String inputPassword = getEntryptPassword(password, tAccount.getSalt());
if (!myPassword.equals(inputPassword) || !tAccount.getAccountStatus().toString().equals("1")) {
Object userAccountName = RedisUtil.get("user" + accountName);
if (ObjectUtil.isEmpty(userAccountName)) {
RedisUtil.set("user" + accountName, 1);
RedisUtil.expire("user" + accountName,15*60);
} else {
RedisUtil.incr("user" + accountName, 1);
}
int i = Integer.parseInt(RedisUtil.get("user" + accountName).toString());
if (i>=3){
RedisUtil.set("error" + accountName,i-2);
RedisUtil.expire("error" + accountName, (long) (i - 2) *15*60);
}
throw new BusinessCheckException("登录账号或密码有误");
}
RedisUtil.remove("user" + accountName);
// 商户已禁用
if (tAccount.getMerchantId() != null && tAccount.getMerchantId() > 0) {
MtMerchant mtMerchant = mtMerchantMapper.selectById(tAccount.getMerchantId());

7
XinAoDTS/fuintBackend/fuint-application/src/main/java/com/fuint/fuintApplication.java
Unescape Escape View File

@ -3,6 +3,7 @@ package com.fuint;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletComponentScan;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.PropertySource;
@ -19,6 +20,7 @@ import org.tuckey.web.filters.urlrewrite.UrlRewriteFilter;
@SpringBootApplication
//@PropertySource("file:${env.properties.path}/${env.profile}/application.properties")
@PropertySource("application-${env.profile}.properties")
@ServletComponentScan
public class fuintApplication {
public static final String REWRITE_FILTER_NAME = "rewriteFilter";
@ -27,11 +29,6 @@ public class fuintApplication {
public static void main(String[] args) {
ConfigurableApplicationContext run = SpringApplication.run(fuintApplication.class, args);
System.out.println("==================================================\n" +
"恭喜fuint系统启动成功啦 \n" +
"系统官网https://www.huamar.com \n" +
"接口文档http://localhost:"+ run.getEnvironment().getProperty("server.port")+"/swagger-ui.html \n" +
"==================================================\n \n");
}
@Bean

66
XinAoDTS/fuintBackend/fuint-application/src/main/java/com/fuint/module/backendApi/controller/BackendAccountController.java
Unescape Escape View File

@ -1,5 +1,7 @@
package com.fuint.module.backendApi.controller;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.util.ObjectUtil;
import com.fuint.common.Constants;
import com.fuint.common.dto.AccountDto;
import com.fuint.common.dto.AccountInfo;
@ -26,19 +28,19 @@ import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.*;
import java.util.concurrent.atomic.AtomicReference;
import java.util.stream.Collectors;
/**
*
*
* <p>
* Created by FSQ
* CopyRight https://www.huamar.com
*/
@Api(tags="管理端-管理员相关接口")
@Api(tags = "管理端-管理员相关接口")
@RestController
@AllArgsConstructor
@RequestMapping(value = "/backendApi/account")
@ -67,7 +69,7 @@ public class BackendAccountController extends BaseController {
/**
*
*
* @param request HttpServletRequest
* @param request HttpServletRequest
* @return
*/
@ApiOperation(value = "账户信息列表")
@ -119,8 +121,8 @@ public class BackendAccountController extends BaseController {
/**
*
*
* @param request
* @param userId ID
* @param request
* @param userId ID
* @return
*/
@ApiOperation(value = "获取账户详情")
@ -287,7 +289,23 @@ public class BackendAccountController extends BaseController {
if (loginAccount == null) {
return getFailureResult(1001, "请先登录");
}
AtomicReference<Boolean> isok = new AtomicReference<>(false);
if (ObjectUtil.isNotEmpty(roleIds)) {
List<TDuty> roleList = tDutyService.getAvailableRoles(loginAccount.getMerchantId(), loginAccount.getId());
if (ObjectUtil.isNotEmpty(roleList)) {
List<Integer> collect = roleList.stream().map(TDuty::getDutyId).collect(Collectors.toList());
roleIds.forEach(s -> {
if (!CollectionUtil.contains(collect, s)) {
isok.set(true);
}
});
}
}
if (isok.get()) {
return getFailureResult(201, "角色权限不足");
}
TAccount tAccount = tAccountService.getAccountInfoById(id.intValue());
tAccount.setAcctId(id.intValue());
tAccount.setRealName(realName);
@ -334,7 +352,7 @@ public class BackendAccountController extends BaseController {
*
*
* @param request HttpServletRequest
* @param userIds ID
* @param userIds ID
* @return
* @throws BusinessCheckException
*/
@ -351,22 +369,22 @@ public class BackendAccountController extends BaseController {
String ids[] = userIds.split(",");
if (ids.length > 0) {
for (int i = 0; i < ids.length; i++) {
if (StringUtil.isNotEmpty(ids[i])) {
Integer userId = Integer.parseInt(ids[i]);
TAccount tAccount = tAccountService.getAccountInfoById(userId.intValue());
if (tAccount == null) {
return getFailureResult(201, "账户不存在");
}
if (StringUtil.equals(accountInfo.getAccountName(), tAccount.getAccountName())) {
return getFailureResult(201, "您不能删除自己");
}
}
if (StringUtil.isNotEmpty(ids[i])) {
Integer userId = Integer.parseInt(ids[i]);
TAccount tAccount = tAccountService.getAccountInfoById(userId.intValue());
if (tAccount == null) {
return getFailureResult(201, "账户不存在");
}
if (StringUtil.equals(accountInfo.getAccountName(), tAccount.getAccountName())) {
return getFailureResult(201, "您不能删除自己");
}
}
}
for (int i = 0; i < ids.length; i++) {
if (StringUtil.isNotEmpty(ids[i])) {
Long userId = Long.parseLong(ids[i]);
tAccountService.deleteAccount(userId);
}
if (StringUtil.isNotEmpty(ids[i])) {
Long userId = Long.parseLong(ids[i]);
tAccountService.deleteAccount(userId);
}
}
}
return getSuccessResult(true);

1
XinAoDTS/fuintBackend/fuint-application/src/main/resources/application-dev.properties
Unescape Escape View File

@ -3,6 +3,7 @@ spring.datasource.url=jdbc:mysql://192.168.10.14:23306/fuint-db?useUnicode=true&
spring.datasource.username=root
spring.datasource.password=hmkj@2023
# Redis\u914D\u7F6E
spring.session.store-type=redis
spring.session.redis.namespace=fuint

113
XinAoDTS/fuintBackend/fuint-application/src/main/resources/application-prod.properties
Unescape Escape View File

@ -1,108 +1,109 @@
# 数据库配置
spring.datasource.url=jdbc:mysql://localhost:3306/fuint-db?useUnicode=true&characterEncoding=UTF8&useSSL=false
spring.datasource.username=root
spring.datasource.password=root
# \u6570\u636E\u5E93\u914D\u7F6E
spring.datasource.url=jdbc:mysql://10.203.0.245:3306/datongshui?useUnicode=true&characterEncoding=UTF8&useSSL=false
spring.datasource.username=user_wateriot
spring.datasource.password=^CX&yXrvX77j3vV7
# Redis配置
# Redis\u914D\u7F6E
spring.session.store-type=redis
spring.session.redis.namespace=fuint
# Redis数据库索引默认为0
# Redis\u6570\u636E\u5E93\u7D22\u5F15\uFF08\u9ED8\u8BA4\u4E3A0\uFF09
spring.redis.database=0
# Redis服务器地址(生产)
spring.redis.host=127.0.0.1
# Redis服务器连接端口
# Redis\u670D\u52A1\u5668\u5730\u5740(\u751F\u4EA7)
spring.redis.host=10.203.1.63
# Redis\u670D\u52A1\u5668\u8FDE\u63A5\u7AEF\u53E3
spring.redis.port=6379
# Redis服务器连接密码(默认为空)
spring.redis.password=
# 连接池最大连接数(使用负值表示没有限制)
# Redis\u670D\u52A1\u5668\u8FDE\u63A5\u5BC6\u7801\uFF08\u9ED8\u8BA4\u4E3A\u7A7A\uFF09
spring.redis.password=kYkPqKf85BCYBELe
# \u8FDE\u63A5\u6C60\u6700\u5927\u8FDE\u63A5\u6570\uFF08\u4F7F\u7528\u8D1F\u503C\u8868\u793A\u6CA1\u6709\u9650\u5236\uFF09
spring.redis.pool.max-active=-1
# 连接池最大阻塞等待时间(使用负值表示没有限制)
# \u8FDE\u63A5\u6C60\u6700\u5927\u963B\u585E\u7B49\u5F85\u65F6\u95F4\uFF08\u4F7F\u7528\u8D1F\u503C\u8868\u793A\u6CA1\u6709\u9650\u5236\uFF09
spring.redis.pool.max-wait=-1
# 连接池中的最大空闲连接
# \u8FDE\u63A5\u6C60\u4E2D\u7684\u6700\u5927\u7A7A\u95F2\u8FDE\u63A5
spring.redis.pool.max-idle=8
# 连接池中的最小空闲连接
# \u8FDE\u63A5\u6C60\u4E2D\u7684\u6700\u5C0F\u7A7A\u95F2\u8FDE\u63A5
spring.redis.pool.min-idle=0
# 连接超时时间(毫秒)
# \u8FDE\u63A5\u8D85\u65F6\u65F6\u95F4\uFF08\u6BEB\u79D2\uFF09
spring.redis.timeout=0
# 系统名称
system.name = fuint会员营销管理系统
# \u7CFB\u7EDF\u540D\u79F0
system.name = fuint\u4F1A\u5458\u8425\u9500\u7BA1\u7406\u7CFB\u7EDF
# 前端h5地址
# \u524D\u7AEFh5\u5730\u5740
website.url=https://www.huamar.com/h5/
# 上传图片本地地址
images.root=/www/wwwroot/www.xxx.com
# \u4E0A\u4F20\u56FE\u7247\u672C\u5730\u5730\u5740
images.root=/home/
images.path=/static/uploadImages/
# 上传图片服务器域名
images.upload.url=http://localhost:8080
# \u4E0A\u4F20\u56FE\u7247\u670D\u52A1\u5668\u57DF\u540D
images.upload.url=http://localhost:8081
# 上传图片允许的大小单位MB
# \u4E0A\u4F20\u56FE\u7247\u5141\u8BB8\u7684\u5927\u5C0F\uFF08\u5355\u4F4D\uFF1AMB\uFF09
images.upload.maxSize=5
################## 定时脚本配置 #########################
# 定时发送消息
################## \u5B9A\u65F6\u811A\u672C\u914D\u7F6E #########################
# \u5B9A\u65F6\u53D1\u9001\u6D88\u606F
message.job.switch = 1
message.job.time = 0 0/1 * * * ?
# 卡券到期处理
# \u5361\u5238\u5230\u671F\u5904\u7406
couponExpire.job.switch = 1
couponExpire.job.time = 0 0/1 * * * ?
# 订单超时取消
# \u8BA2\u5355\u8D85\u65F6\u53D6\u6D88
orderCancel.job.switch = 1
orderCancel.job.time = 0 0/1 * * * ?
# 分佣提成计算
# \u5206\u4F63\u63D0\u6210\u8BA1\u7B97
commission.job.switch = 1
commission.job.time = 0 0/1 * * * ?
################## 阿里云短信配置 #######################
# 短信接口模式[0-关闭 1-打开]
################## \u963F\u91CC\u4E91\u77ED\u4FE1\u914D\u7F6E #######################
# \u77ED\u4FE1\u63A5\u53E3\u6A21\u5F0F[0-\u5173\u95ED 1-\u6253\u5F00]
aliyun.sms.mode = 0
aliyun.sms.accessKeyId=LTAI4GJMjV123oXsrQJLnPZt
aliyun.sms.accessKeySecret=eGVBL30u5Ypj234d7XODlwYKWTaGT
# 阿里云短信签名
aliyun.sms.signName=延禾技术
# \u963F\u91CC\u4E91\u77ED\u4FE1\u7B7E\u540D
aliyun.sms.signName=\u5EF6\u79BE\u6280\u672F
################## 阿里云OSS存储配置######################
# 模式[0-关闭 1-打开]
################## \u963F\u91CC\u4E91OSS\u5B58\u50A8\u914D\u7F6E######################
# \u6A21\u5F0F[0-\u5173\u95ED 1-\u6253\u5F00]
aliyun.oss.mode = 0
aliyun.oss.accessKeyId = LTAI4GJMjVhBa212rQJLnPZt
aliyun.oss.accessKeySecret = eGVBL30u53456gXd7XODlwYKWTaGT
aliyun.oss.endpoint = https://oss-cn-shenzhen.aliyuncs.com
aliyun.oss.bucketName = fuint-application
# 上传文件夹
# \u4E0A\u4F20\u6587\u4EF6\u5939
aliyun.oss.folder = uploads
# 访问域名
# \u8BBF\u95EE\u57DF\u540D
aliyun.oss.domain = https://fuint-application.oss-cn-shenzhen.aliyuncs.com
################## 微信相关配置 ##########################
# 公众号配置
################## \u5FAE\u4FE1\u76F8\u5173\u914D\u7F6E ##########################
# \u516C\u4F17\u53F7\u914D\u7F6E
weixin.official.appId=wxf4327ef05c27a0
weixin.official.appSecret=1f55e8749332234d9a074873d8e6a3
# 小程序配置
wxpay.appId = wxb6af3741234162bc
wxpay.appSecret = 76a538bfa5b55a4564d5f2be5540
wxpay.mchId=1636980812
wxpay.apiV2=34354320201030y323e432342343
# \u5C0F\u7A0B\u5E8F\u914D\u7F6E
wxpay.appId = wx7b3cd05eaf5225b9
wxpay.appSecret = 2cc8299450b5cccf3afa571498afb1de
wxpay.mchId=1663547246
wxpay.apiV2=Xinaoranqi2018Xinaoranqi20182024
wxpay.certPath=/usr/local/fuint/cert/apiclient_cert.p12
wxpay.domain=https://www.huamar.com/fuint-application
################## 支付宝支付相关配置 ######################
alipay.appId = 应用编号
alipay.privateKey = 应用私钥
alipay.publicKey = 支付宝公钥(通过应用公钥上传到支付宝开放平台换取支付宝公钥)
################## \u652F\u4ED8\u5B9D\u652F\u4ED8\u76F8\u5173\u914D\u7F6E ######################
alipay.appId = \u5E94\u7528\u7F16\u53F7
alipay.privateKey = \u5E94\u7528\u79C1\u94A5
alipay.publicKey = \u652F\u4ED8\u5B9D\u516C\u94A5\uFF08\u901A\u8FC7\u5E94\u7528\u516C\u94A5\u4E0A\u4F20\u5230\u652F\u4ED8\u5B9D\u5F00\u653E\u5E73\u53F0\u6362\u53D6\u652F\u4ED8\u5B9D\u516C\u94A5\uFF09
alipay.serverUrl=https://openapi.alipay.com/gateway.do
alipay.domain=https://www.huamar.com/fuint-application/clientApi/pay/aliPayCallback
################ 微信订阅模板消息配置 ######################
weixin.subMessage.orderCreated=[{'key':'time', 'name':'订单时间'},{'key':'orderSn', 'name':'订单号'},{'key':'remark', 'name':'备注信息'}]
weixin.subMessage.deliverGoods=[{'key':'receiver', 'name':'收货人'}, {'key':'orderSn', 'name':'订单号'}, {'key':'expressCompany', 'name':'快递公司'}, {'key':'expressNo', 'name':'快递单号'}]
weixin.subMessage.couponExpire=[{'key':'name', 'name':'卡券名称'}, {'key':'expireTime', 'name':'到期时间'},{'key':'tips', 'name':'温馨提示'}]
weixin.subMessage.couponArrival=[{'key':'name', 'name':'卡券名称'},{'key':'amount', 'name':'金额'},{'key':'tips', 'name':'温馨提示'}]
weixin.subMessage.balanceChange=[{'key':'amount', 'name':'变动金额'},{'key':'time', 'name':'变动时间'},{'key':'tips', 'name':'温馨提示'}]
weixin.subMessage.couponConfirm=[{'key':'name', 'name':'卡券名称'},{'key':'time', 'name':'核销时间'}]
weixin.subMessage.pointChange=[{'key':'amount', 'name':'变动数量'},{'key':'time', 'name':'变动时间'},{'key':'remark', 'name':'备注信息'}]
################ \u5FAE\u4FE1\u8BA2\u9605\u6A21\u677F\u6D88\u606F\u914D\u7F6E ######################
weixin.subMessage.orderCreated=[{'key':'time', 'name':'\u8BA2\u5355\u65F6\u95F4'},{'key':'orderSn', 'name':'\u8BA2\u5355\u53F7'},{'key':'remark', 'name':'\u5907\u6CE8\u4FE1\u606F'}]
weixin.subMessage.deliverGoods=[{'key':'receiver', 'name':'\u6536\u8D27\u4EBA'}, {'key':'orderSn', 'name':'\u8BA2\u5355\u53F7'}, {'key':'expressCompany', 'name':'\u5FEB\u9012\u516C\u53F8'}, {'key':'expressNo', 'name':'\u5FEB\u9012\u5355\u53F7'}]
weixin.subMessage.couponExpire=[{'key':'name', 'name':'\u5361\u5238\u540D\u79F0'}, {'key':'expireTime', 'name':'\u5230\u671F\u65F6\u95F4'},{'key':'tips', 'name':'\u6E29\u99A8\u63D0\u793A'}]
weixin.subMessage.couponArrival=[{'key':'name', 'name':'\u5361\u5238\u540D\u79F0'},{'key':'amount', 'name':'\u91D1\u989D'},{'key':'tips', 'name':'\u6E29\u99A8\u63D0\u793A'}]
weixin.subMessage.balanceChange=[{'key':'amount', 'name':'\u53D8\u52A8\u91D1\u989D'},{'key':'time', 'name':'\u53D8\u52A8\u65F6\u95F4'},{'key':'tips', 'name':'\u6E29\u99A8\u63D0\u793A'}]
weixin.subMessage.couponConfirm=[{'key':'name', 'name':'\u5361\u5238\u540D\u79F0'},{'key':'time', 'name':'\u6838\u9500\u65F6\u95F4'}]
weixin.subMessage.pointChange=[{'key':'amount', 'name':'\u53D8\u52A8\u6570\u91CF'},{'key':'time', 'name':'\u53D8\u52A8\u65F6\u95F4'},{'key':'remark', 'name':'\u5907\u6CE8\u4FE1\u606F'}]

2
XinAoDTS/fuintBackend/fuint-application/src/main/resources/application.properties
Unescape Escape View File

@ -1,5 +1,5 @@
# \u57FA\u672C\u914D\u7F6E
server.port=8080
server.port=8081
env.profile=dev

4
XinAoDTS/fuintBackend/fuint-application/src/main/resources/logback-spring.xml
Unescape Escape View File

@ -14,10 +14,10 @@
<encoder>
<pattern>%d{MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
</encoder>
<file>/data/log/fuint/server.log</file>
<file>/home/e_wanglx/java/datongshui/logs/server.log</file>
<!-- 滚动记录文件,先将日志记录到指定文件,当符合某个条件时,将日志记录到其他文件。-->
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>/data/log/fuint/archive/server_all_%d{yyyy-MM-dd}.%i.log.zip
<fileNamePattern>/home/e_wanglx/java/datongshui/logs/server_all_%d{yyyy-MM-dd}.%i.log.zip
</fileNamePattern>
<!-- 当天的日志大小 超过${log.max.size}时,压缩日志并保存 -->
<timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

Write Preview
Loading…
Cancel
Save