long-agent/user-system
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
user-system/config/config.yaml

213 lines
4.5 KiB
YAML
Raw Permalink Normal View History

feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
server:
port: 8080
mode: release # debug, release
read_timeout: 30
read_header_timeout: 10
write_timeout: 30
idle_timeout: 60
shutdown_timeout: 15
max_header_bytes: 1048576
database:
type: sqlite # current runtime support: sqlite
sqlite:
path: ./data/user_management.db
postgresql:
host: localhost
port: 5432
database: user_management
username: postgres
password: ""
ssl_mode: disable
max_open_conns: 100
max_idle_conns: 10
mysql:
host: localhost
port: 3306
database: user_management
username: root
password: ""
charset: utf8mb4
max_open_conns: 100
max_idle_conns: 10
cache:
l1:
enabled: true
max_size: 10000
ttl: 5m
l2:
enabled: false
type: redis
redis:
addr: localhost:6379
password: ""
db: 0
pool_size: 50
ttl: 30m
redis:
enabled: false
addr: localhost:6379
password: ""
db: 0
jwt:
algorithm: HS256 # debug mode 使用 HS256
secret: "change-me-in-production-use-at-least-32-bytes-secret"
access_token_expire_minutes: 120 # 2小时
refresh_token_expire_days: 7 # 7天
security:
password_min_length: 8
password_require_special: true
password_require_number: true
login_max_attempts: 5
login_lock_duration: 30m
ratelimit:
enabled: true
login:
enabled: true
algorithm: token_bucket
capacity: 5
rate: 1
window: 1m
register:
enabled: true
algorithm: leaky_bucket
capacity: 3
rate: 1
window: 1h
api:
enabled: true
algorithm: sliding_window
capacity: 1000
window: 1m
monitoring:
prometheus:
enabled: true
path: /metrics
tracing:
enabled: false
endpoint: http://localhost:4318
service_name: user-management-system
logging:
level: info # debug, info, warn, error
format: json # json, text
output:
- stdout
- ./logs/app.log
rotation:
max_size: 100 # MB
max_age: 30 # days
max_backups: 10
admin:
username: ""
password: ""
email: ""
cors:
enabled: true
allowed_origins:
- "http://localhost:3000"
- "http://127.0.0.1:3000"
allowed_methods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
allowed_headers:
- Authorization
- Content-Type
- X-Requested-With
- X-CSRF-Token
allow_credentials: true
max_age: 3600
email:
host: "" # 生产环境填写真实 SMTP Host
port: 587
username: ""
password: ""
from_email: ""
from_name: "用户管理系统"
sms:
enabled: false
provider: "" # aliyun, tencent留空表示禁用短信能力
code_ttl: 5m
resend_cooldown: 1m
max_daily_limit: 10
aliyun:
access_key_id: ""
access_key_secret: ""
sign_name: ""
template_code: ""
endpoint: ""
region_id: "cn-hangzhou"
code_param_name: "code"
tencent:
secret_id: ""
secret_key: ""
app_id: ""
sign_name: ""
template_id: ""
region: "ap-guangzhou"
endpoint: ""
password_reset:
token_ttl: 15m
site_url: "http://localhost:8080"
# OAuth 社交登录配置(留空则禁用对应 Provider
oauth:
google:
client_id: ""
client_secret: ""
redirect_url: "http://localhost:8080/api/v1/auth/oauth/google/callback"
wechat:
app_id: ""
app_secret: ""
redirect_url: "http://localhost:8080/api/v1/auth/oauth/wechat/callback"
github:
client_id: ""
client_secret: ""
redirect_url: "http://localhost:8080/api/v1/auth/oauth/github/callback"
qq:
app_id: ""
app_key: ""
redirect_url: "http://localhost:8080/api/v1/auth/oauth/qq/callback"
alipay:
app_id: ""
private_key: ""
redirect_url: "http://localhost:8080/api/v1/auth/oauth/alipay/callback"
sandbox: false
douyin:
client_key: ""
client_secret: ""
redirect_url: "http://localhost:8080/api/v1/auth/oauth/douyin/callback"
# Webhook 全局配置
webhook:
enabled: true
secret_header: "X-Webhook-Signature" # 签名 Header 名称
timeout_sec: 30 # 单次投递超时(秒)
max_retries: 3 # 最大重试次数
retry_backoff: "exponential" # 退避策略exponential / fixed
worker_count: 4 # 后台投递协程数
queue_size: 1000 # 投递队列大小
# IP 安全配置
ip_security:
auto_block_enabled: true # 是否启用自动封禁
auto_block_duration: 30m # 自动封禁时长
brute_force_threshold: 10 # 暴力破解阈值(窗口内失败次数)
detection_window: 15m # 检测时间窗口
Reference in New Issue Copy Permalink