label_backend/src/main/resources/application.yml
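wh c2a254cba4 fix+refactor: code review fixes (11 security/concurrency defects) + log.debug → log.info (21 places)
Code review fixes:
- MybatisPlusConfig: add video_process_job to IGNORED_TABLES (fixes multi-tenant filtering on the callback path causing all callbacks to be silently dropped)
- TokenFilter: catch(Exception) replaces catch(NumberFormatException), preventing null pointers from leaking as 500
- VideoController: createJob null-pointer guard + handleCallback shared-secret check (X-Callback-Secret)
- VideoProcessService: handleCallback explicitly checks that companyId is non-null; triggerAi failure changed to error-level logging
- ExtractionService/QaService: validateAndGetTask explicitly checks companyId (defense in depth)
- TaskClaimService: reclaim adds an atomic WHERE status='REJECTED'; release the Redis lock when claim throws an exception
- TaskService: reassign verifies that targetUserId belongs to the same tenant
- AuthService: set a sliding TTL on the user:sessions:{userId} Set to prevent unbounded token accumulation
- ExportService/SourceService: add rollback cleanup on failure for non-atomic RustFS + DB operations
- SourceService: getOriginalFilename uses Paths.get().getFileName() to prevent path traversal

Logging conventions:
- 21 log.debug calls across 11 Service classes replaced with log.info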
2026-04-09 19:42:20 +08:00

67 lines
1.7 KiB
YAML

server:
  port: 8080
spring:
  datasource:
    url: ${SPRING_DATASOURCE_URL:jdbc:postgresql://localhost:5432/label_db}
    username: ${SPRING_DATASOURCE_USERNAME:label}
    password: ${SPRING_DATASOURCE_PASSWORD:label_password}
    driver-class-name: org.postgresql.Driver
    hikari:
      maximum-pool-size: 20
      minimum-idle: 5
      connection-timeout: 30000
  data:
    redis:
      host: ${SPRING_DATA_REDIS_HOST:localhost}
      port: ${SPRING_DATA_REDIS_PORT:6379}
      password: ${SPRING_DATA_REDIS_PASSWORD:redis_password}
      timeout: 5000ms
      lettuce:
        pool:
          max-active: 8
          max-idle: 8
          min-idle: 0
  jackson:
    default-property-inclusion: non_null
    serialization:
      write-dates-as-timestamps: false
  mvc:
    pathmatch:
      matching-strategy: ant_path_matcher # required for Shiro compatibility with Spring Boot 3
mybatis-plus:
  mapper-locations: classpath*:mapper/**/*.xml
  type-aliases-package: com.label.module
  configuration:
    map-underscore-to-camel-case: true
    log-impl: org.apache.ibatis.logging.slf4j.Slf4jImpl
  global-config:
    db-config:
      id-type: auto
rustfs:
  endpoint: ${RUSTFS_ENDPOINT:http://localhost:9000}
  access-key: ${RUSTFS_ACCESS_KEY:minioadmin}
  secret-key: ${RUSTFS_SECRET_KEY:minioadmin}
  region: us-east-1
ai-service:
  base-url: ${AI_SERVICE_BASE_URL:http://localhost:8000}
  timeout: 30000 # milliseconds
token:
  ttl-seconds: 7200 # default token lifetime (seconds); keep consistent with sys_config token_ttl_seconds
video:
  callback-secret: ${VIDEO_CALLBACK_SECRET:} # shared secret for AI service callbacks; validation is skipped when empty (development environment)
logging:
  level:
    com.label: DEBUG
    org.apache.shiro: INFO
    com.baomidou.mybatisplus: INFO
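
A deployment-time check for the placeholder fallbacks in this file, as an added example that is not part of the repository: Spring resolves `${VAR:default}` to the default when the variable is unset, so a deployment that misses a variable starts with the credentials written in the file, or with callback validation skipped. The `audit` function, its regexes and the finding labels are assumptions of this example; the sample is an excerpt of the file above.

```python
import re

# Excerpt of the application.yml above (indentation restored).
SAMPLE = """\
spring:
  datasource:
    username: ${SPRING_DATASOURCE_USERNAME:label}
    password: ${SPRING_DATASOURCE_PASSWORD:label_password}
  data:
    redis:
      password: ${SPRING_DATA_REDIS_PASSWORD:redis_password}
rustfs:
  access-key: ${RUSTFS_ACCESS_KEY:minioadmin}
  secret-key: ${RUSTFS_SECRET_KEY:minioadmin}
video:
  callback-secret: ${VIDEO_CALLBACK_SECRET:}  # empty: validation skipped
"""

LINE = re.compile(r"^(?P<indent> *)(?P<key>[\w.-]+):\s*(?P<value>.*)$")
PLACEHOLDER = re.compile(r"^\$\{(?P<var>[A-Z0-9_]+)(?::(?P<default>[^}]*))?\}")
SECRET_KEY = re.compile(r"password|secret|access-key", re.I)  # assumed naming heuristic

def audit(yaml_text):
    """Return (key_path, env_var, finding) for secret-like keys with a risky value."""
    findings, stack = [], []  # stack: (indent, key) of the enclosing mappings
    for raw in yaml_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # comment, blank line or list item
        indent = len(m["indent"])
        while stack and stack[-1][0] >= indent:
            stack.pop()  # leave mappings that ended at this indentation
        stack.append((indent, m["key"]))
        if not SECRET_KEY.search(m["key"]):
            continue
        path = ".".join(key for _, key in stack)
        p = PLACEHOLDER.match(m["value"])
        if p is None:
            if m["value"] and not m["value"].startswith("#"):
                findings.append((path, None, "literal secret in file"))
        elif p["default"] is None:
            continue  # no fallback: startup fails when the variable is unset
        elif p["default"] == "":
            findings.append((path, p["var"], "empty fallback"))
        else:
            findings.append((path, p["var"], "hardcoded fallback"))
    return findings
```

Run against the production configuration in CI, a non-empty result from `audit` can fail the build until the fallbacks are moved to a development-only profile.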