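extends Node
class_name SecurityConfig

## Security configuration.
##
## Central place for the security-related settings and constants.
## The tables below are constants; read them through get_config().

# Input validation limits.
const INPUT_VALIDATION = {
	"max_message_length": 500,
	"max_username_length": 50,
	"max_character_name_length": 20,
	"min_character_name_length": 2,
	"max_json_size": 10000  # 10KB
}

# Session management.
const SESSION_MANAGEMENT = {
	"session_timeout": 1800.0,  # 30 minutes
	"max_failed_attempts": 5,
	"lockout_duration": 300.0,  # 5 minutes
	"cleanup_interval": 300.0  # 5 minutes between cleanups
}

# Network security.
const NETWORK_SECURITY = {
	"max_message_rate": 10,  # maximum messages per second
	"rate_limit_window": 1.0,  # rate-limit window (seconds)
	"connection_timeout": 10.0,  # connection timeout
	"heartbeat_interval": 30.0  # heartbeat interval
}

# Content filtering.
const CONTENT_FILTERING = {
	"enable_html_filtering": true,
	"enable_script_detection": true,
	"enable_injection_detection": true,
	"max_repetition_ratio": 0.7,  # maximum ratio of repeated characters
	"enable_profanity_filter": false  # optional: profanity filter
}

# Logging and monitoring.
const LOGGING = {
	"log_security_events": true,
	"log_failed_attempts": true,
	"log_suspicious_activity": true,
	"max_log_entries": 1000
}

# Encryption and hashing.
# NOTE(review): how "hash_algorithm" is consumed is not visible in this file.
# If it is ever used to store passwords, a single fast digest such as plain
# SHA-256 is not adequate for that purpose - confirm against the consumer.
const ENCRYPTION = {
	"use_secure_tokens": true,
	"token_complexity": "high",  # low, medium, high
	"hash_algorithm": "sha256"
}


## Looks up one configuration value.
##
## category: name of the table ("input_validation", "session_management",
## "network_security", "content_filtering", "logging" or "encryption").
## key: entry inside that table.
## default_value: returned when the category or the key is unknown.
static func get_config(category: String, key: String, default_value = null):
	var config_dict = null

	match category:
		"input_validation":
			config_dict = INPUT_VALIDATION
		"session_management":
			config_dict = SESSION_MANAGEMENT
		"network_security":
			config_dict = NETWORK_SECURITY
		"content_filtering":
			config_dict = CONTENT_FILTERING
		"logging":
			config_dict = LOGGING
		"encryption":
			config_dict = ENCRYPTION
		_:
			return default_value

	if config_dict and config_dict.has(key):
		return config_dict[key]

	return default_value


## Checks that the security configuration is complete and sane.
##
## Returns false (after printing the reason) when a critical entry is missing,
## when a numeric limit, timeout or interval is zero or negative, or when the
## character-name length bounds are inverted. Returns true otherwise.
static func validate_config() -> bool:
	# Entries that must exist at all.
	var critical_configs = [
		["input_validation", "max_message_length"],
		["session_management", "session_timeout"],
		["network_security", "connection_timeout"],
		["content_filtering", "enable_script_detection"]
	]

	for config in critical_configs:
		var value = get_config(config[0], config[1])
		if value == null:
			print("ERROR: Missing critical security config: %s.%s" % [config[0], config[1]])
			return false

	# A presence check alone can never fail for constant tables, so the numeric
	# entries are range-checked as well. A zero or negative limit presumably
	# disables the control it configures - confirm against the consumers.
	var numeric_tables = {
		"input_validation": INPUT_VALIDATION,
		"session_management": SESSION_MANAGEMENT,
		"network_security": NETWORK_SECURITY
	}

	for category in numeric_tables:
		var table = numeric_tables[category]
		for key in table:
			var limit = table[key]
			# Non-numeric entries (for example boolean switches) are skipped.
			if (limit is int or limit is float) and limit <= 0:
				print("ERROR: Invalid security config value: %s.%s = %s" % [category, key, str(limit)])
				return false

	var min_name_length = get_config("input_validation", "min_character_name_length", 0)
	var max_name_length = get_config("input_validation", "max_character_name_length", 0)
	if min_name_length > max_name_length:
		print("ERROR: Invalid security config: min_character_name_length exceeds max_character_name_length")
		return false

	return true


## Derives a coarse security level from the configuration.
##
## Returns "high" when script detection, injection detection and secure tokens
## are all enabled and max_failed_attempts is at most 5; "medium" when at least
## one of the two detections is enabled and max_failed_attempts is at most 10;
## "low" otherwise. Only these four settings are taken into account.
static func get_security_level() -> String:
	# A missing entry counts as disabled (false) or as 10 allowed attempts.
	var script_detection = get_config("content_filtering", "enable_script_detection", false)
	var injection_detection = get_config("content_filtering", "enable_injection_detection", false)
	var secure_tokens = get_config("encryption", "use_secure_tokens", false)
	var max_attempts = get_config("session_management", "max_failed_attempts", 10)

	if script_detection and injection_detection and secure_tokens and max_attempts <= 5:
		return "high"
	elif (script_detection or injection_detection) and max_attempts <= 10:
		return "medium"
	else:
		return "low"


## Applies the security configuration to GameConfig.
##
## Currently a no-op: GameConfig may not exist, which is expected.
static func apply_to_game_config():
	pass


## Returns the recommended (stricter) security settings.
##
## The dictionary is only returned; nothing in this file applies it.
## "enable_strict_validation" has no counterpart in INPUT_VALIDATION, so
## get_config() does not know that key.
static func get_recommended_settings() -> Dictionary:
	return {
		"description": "推荐的高安全级别设置",
		"settings": {
			"input_validation": {
				"max_message_length": 300,  # stricter message length limit
				"max_username_length": 30,
				"enable_strict_validation": true
			},
			"session_management": {
				"session_timeout": 900.0,  # 15 minutes, shorter session
				"max_failed_attempts": 3,  # stricter failed-attempt limit
				"lockout_duration": 600.0  # 10-minute lockout
			},
			"content_filtering": {
				"enable_html_filtering": true,
				"enable_script_detection": true,
				"enable_injection_detection": true,
				"max_repetition_ratio": 0.5  # stricter repetition detection
			}
		}
	}


## Validates the security configuration and reports the resulting level.
##
## Returns true when validation passed and false when it failed, so that a
## caller can refuse to continue with a broken configuration instead of only
## finding the error in the log.
static func initialize() -> bool:
	if not validate_config():
		print("ERROR: Security configuration validation failed")
		return false

	var security_level = get_security_level()
	print("Security configuration initialized - Level: " + security_level)
	apply_to_game_config()
	return true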