创建新工程
This commit is contained in:
moyin
170
scripts/SecurityConfig.gd
Normal file
170
scripts/SecurityConfig.gd
Normal file
@@ -0,0 +1,170 @@
|
||||
extends Node
|
||||
class_name SecurityConfig
|
||||
## 安全配置类
|
||||
## 集中管理所有安全相关的配置和常量
|
||||
|
||||
# 输入验证配置
|
||||
const INPUT_VALIDATION = {
|
||||
"max_message_length": 500,
|
||||
"max_username_length": 50,
|
||||
"max_character_name_length": 20,
|
||||
"min_character_name_length": 2,
|
||||
"max_json_size": 10000 # 10KB
|
||||
}
|
||||
|
||||
# 会话管理配置
|
||||
const SESSION_MANAGEMENT = {
|
||||
"session_timeout": 1800.0, # 30分钟
|
||||
"max_failed_attempts": 5,
|
||||
"lockout_duration": 300.0, # 5分钟
|
||||
"cleanup_interval": 300.0 # 5分钟清理间隔
|
||||
}
|
||||
|
||||
# 网络安全配置
|
||||
const NETWORK_SECURITY = {
|
||||
"max_message_rate": 10, # 每秒最大消息数
|
||||
"rate_limit_window": 1.0, # 速率限制窗口(秒)
|
||||
"connection_timeout": 10.0, # 连接超时
|
||||
"heartbeat_interval": 30.0 # 心跳间隔
|
||||
}
|
||||
|
||||
# 内容过滤配置
|
||||
const CONTENT_FILTERING = {
|
||||
"enable_html_filtering": true,
|
||||
"enable_script_detection": true,
|
||||
"enable_injection_detection": true,
|
||||
"max_repetition_ratio": 0.7, # 最大重复字符比例
|
||||
"enable_profanity_filter": false # 可选:脏话过滤
|
||||
}
|
||||
|
||||
# 日志和监控配置
|
||||
const LOGGING = {
|
||||
"log_security_events": true,
|
||||
"log_failed_attempts": true,
|
||||
"log_suspicious_activity": true,
|
||||
"max_log_entries": 1000
|
||||
}
|
||||
|
||||
# 加密和哈希配置
|
||||
const ENCRYPTION = {
|
||||
"use_secure_tokens": true,
|
||||
"token_complexity": "high", # low, medium, high
|
||||
"hash_algorithm": "sha256"
|
||||
}
|
||||
|
||||
## 获取配置值
|
||||
static func get_config(category: String, key: String, default_value = null):
|
||||
"""
|
||||
获取配置值
|
||||
@param category: 配置类别
|
||||
@param key: 配置键
|
||||
@param default_value: 默认值
|
||||
@return: 配置值
|
||||
"""
|
||||
var config_dict = null
|
||||
|
||||
match category:
|
||||
"input_validation":
|
||||
config_dict = INPUT_VALIDATION
|
||||
"session_management":
|
||||
config_dict = SESSION_MANAGEMENT
|
||||
"network_security":
|
||||
config_dict = NETWORK_SECURITY
|
||||
"content_filtering":
|
||||
config_dict = CONTENT_FILTERING
|
||||
"logging":
|
||||
config_dict = LOGGING
|
||||
"encryption":
|
||||
config_dict = ENCRYPTION
|
||||
_:
|
||||
return default_value
|
||||
|
||||
if config_dict and config_dict.has(key):
|
||||
return config_dict[key]
|
||||
|
||||
return default_value
|
||||
|
||||
## 验证配置完整性
|
||||
static func validate_config() -> bool:
|
||||
"""
|
||||
验证安全配置的完整性
|
||||
@return: 配置是否有效
|
||||
"""
|
||||
# 检查关键配置项
|
||||
var critical_configs = [
|
||||
["input_validation", "max_message_length"],
|
||||
["session_management", "session_timeout"],
|
||||
["network_security", "connection_timeout"],
|
||||
["content_filtering", "enable_script_detection"]
|
||||
]
|
||||
|
||||
for config in critical_configs:
|
||||
var value = get_config(config[0], config[1])
|
||||
if value == null:
|
||||
print("ERROR: Missing critical security config: %s.%s" % [config[0], config[1]])
|
||||
return false
|
||||
|
||||
return true
|
||||
|
||||
## 获取安全级别
|
||||
static func get_security_level() -> String:
|
||||
"""
|
||||
获取当前安全级别
|
||||
@return: 安全级别 ("low", "medium", "high")
|
||||
"""
|
||||
# 基于配置确定安全级别
|
||||
var script_detection = get_config("content_filtering", "enable_script_detection", false)
|
||||
var injection_detection = get_config("content_filtering", "enable_injection_detection", false)
|
||||
var secure_tokens = get_config("encryption", "use_secure_tokens", false)
|
||||
var max_attempts = get_config("session_management", "max_failed_attempts", 10)
|
||||
|
||||
if script_detection and injection_detection and secure_tokens and max_attempts <= 5:
|
||||
return "high"
|
||||
elif (script_detection or injection_detection) and max_attempts <= 10:
|
||||
return "medium"
|
||||
else:
|
||||
return "low"
|
||||
|
||||
## 应用安全配置到游戏配置
|
||||
static func apply_to_game_config():
|
||||
"""将安全配置应用到GameConfig"""
|
||||
# GameConfig可能不存在,这是正常的
|
||||
pass
|
||||
|
||||
## 获取推荐的安全设置
|
||||
static func get_recommended_settings() -> Dictionary:
|
||||
"""
|
||||
获取推荐的安全设置
|
||||
@return: 推荐设置字典
|
||||
"""
|
||||
return {
|
||||
"description": "推荐的高安全级别设置",
|
||||
"settings": {
|
||||
"input_validation": {
|
||||
"max_message_length": 300, # 更严格的消息长度限制
|
||||
"max_username_length": 30,
|
||||
"enable_strict_validation": true
|
||||
},
|
||||
"session_management": {
|
||||
"session_timeout": 900.0, # 15分钟更短的会话
|
||||
"max_failed_attempts": 3, # 更严格的失败尝试限制
|
||||
"lockout_duration": 600.0 # 10分钟锁定
|
||||
},
|
||||
"content_filtering": {
|
||||
"enable_html_filtering": true,
|
||||
"enable_script_detection": true,
|
||||
"enable_injection_detection": true,
|
||||
"max_repetition_ratio": 0.5 # 更严格的重复检测
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
## 初始化安全配置
|
||||
static func initialize():
|
||||
"""初始化安全配置"""
|
||||
if validate_config():
|
||||
var security_level = get_security_level()
|
||||
print("Security configuration initialized - Level: " + security_level)
|
||||
apply_to_game_config()
|
||||
else:
|
||||
print("ERROR: Security configuration validation failed")
|
||||
Reference in New Issue
Block a user