sensitive-word-admin
Sensitive-Word-Admin is an out-of-the-box, sensitive word console service based on Sensitive-Word.
features
- Basic CRUD
- Out-of-the-box configuration console
- Easy to use API services
Change log
Quick start
Database script
Execute the mysql-5.7.sql script.
The core table is as follows:
Create table word (id int unsigned auto_increment comment_id); WORD VARCHAR (128) NOT NULL COMMENT ' ', TYPE VARCHAR (8) NOT NULL COMMENT ', Status char(1) not null default 'comment ', remark varchar(64) not null comment '', remark varchar(64) not null comment ', remark varchar(64) not null comment' Operator_id varchar(64) not null default 'system' comment 'operator_id' varchar(64) not null default 'system' comment ' CREATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL COMMENT UPDATE DATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT ENGINE=Innodb default charset=UTF8 auto_increment=1; Create unique index uk_word on word (word) comment 'unique index ';
Application startup
Run Applicaiton#main() directly to launch the application. The startup log is as follows:
The 2021-07-20 20:56:48. 200 INFO [] - [the main] 6680 O.A.C oyote. Http11. Http11NioProtocol: ProtocolHandler ["http-nio-8080"] 2021-07-20 20:56:48.219 INFO [] 6680 -- [main] o.a.tomcat.util.net.NioSelectorPool : Using a shared selector for servlet write/read 2021-07-20 20:56:48.248 INFO [] 6680 -- [Main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (HTTP) 2021-07-20 20:56:48. 256 INFO [] - [the main] 6680 C.G.H.S ensitive. Word. Admin. Application: Started Application in 14.04 Seconds (JVM running for 15.52 seconds)
Sensitive word configuration
In addition to Sensitive-word itself, we can configure it according to our own business.
There are two types: prohibited and allowed. Prohibited statements are sensitive words, and allowed statements are not considered sensitive words.
All types will only take effect if the state is normal.
The validation test
contains
Whether to include sensitive words.
http://localhost:8080/api/sensitiveWord/contains?text= who do the test
Returns:
{" respCode ":" 0000 ", "respMessage" : "success", "result" : true}
findAll
Find all the sensitive words.
http://localhost:8080/api/sensitiveWord/findAll?text= who do the test
Returns:
{" respCode ":" 0000 ", "respMessage" : "success", "total" : 2, "a list" : [" whoever whoever ", "test"]}
replace
Replace the corresponding sensitive word.
http://localhost:8080/api/sensitiveWord/replace?text= who do the test
Returns:
{" respCode ":" 0000 ", "respMessage" : "success", "result" : "* * * *"}
All results can be changed according to the console, effective in real time.
Realize the principle of
The underlying dependence
Sensitive word tools rely on https://github.com/houbb/sensitive-word.
Because the original tool only has some of the most basic functions, can not be dynamically changed according to the configuration, does not conform to the actual application scenarios.
So on the basis of the original implementation of an out-of-the-box console, and provides a simple API.
For the sensitive word tool itself, this article does not introduce, recommended reading:
Introduction to the use of sensitive words
Technology selection
springboot
mybatis-plus
vue
Database – based sensitive words
Customized sensitive word related data is stored in the database, and the corresponding definition is as follows:
/** * @Author * @Since 1.1.0 */ @Component public class MyDDWordDeny implements IWordDeny {@Autowired private WordService wordService; @Override public List<String> deny() { Wrapper<Word> wordWrapper = new EntityWrapper<>(); wordWrapper.eq("type", WordTypeEnum.DENY.getCode()); wordWrapper.eq("status", WordStatusEnum.S.getCode()); List<Word> wordList = wordService.selectList(wordWrapper); return CollectionUtil.toList(wordList, new IHandler<Word, String>() { @Override public String handle(Word word) { return word.getWord(); }}); }}
and
/** * @Author * @Since 1.1.0 */ @Component public class myddwordAllow implements IWordAllow {/** * @Component public class myddwordAllow implements IWordAllow {/** * @Component public class myddwordAllow implements IWordAllow { @Autowired private WordService wordService; @Override public List<String> allow() { Wrapper<Word> wordWrapper = new EntityWrapper<>(); wordWrapper.eq("type", WordTypeEnum.ALLOW.getCode()); wordWrapper.eq("status", WordStatusEnum.S.getCode()); List<Word> wordList = wordService.selectList(wordWrapper); return CollectionUtil.toList(wordList, new IHandler<Word, String>() { @Override public String handle(Word word) { return word.getWord(); }}); }}
Sensitive words guide class initialization
The corresponding sensitive class initialization is also relatively simple, we add custom data on the basis of the system default.
@Configuration public class SensitiveWordConfig { @Autowired private MyDdWordAllow myDdWordAllow; @Autowired private MyDdWordDeny myDdWordDeny; @@bean public sensitivewordssensitivewords() {return @@bean public sensitivewords() {return @@bean public sensitivewords() {return @@bean public sensitivewords() {return @@bean public sensitivewords() {return @@bean public sensitivewords() SensitiveWordBs.newInstance() .wordAllow(WordAllows.chains(WordAllows.system(), MyddwordAllow)).wordDeny(worddenys.chains (worddenys.system (), myddwordDeny)).ignorerepeat (false); }}
Configuration changes and sensitive word refresh
Every time the configuration of sensitive words changes, we will take the initiative to refresh the sensitive word dictionary information.
/** * <p> ** @author * @since 2021-07-07 */ @controller @requestMapping ("/word") @traceid @AutoLog public class WordController { @Autowired private WordService wordService; @Autowired private SensitiveWordBs sensitiveWordBs; / / @requestMapping ("/index") public String index() {return "word/index"; } /** * Add element * @Param Entity * @Return result */ @RequestMapping("/add") @ResponseBody public BaseResp add(@RequestBody) final Word entity) { wordService.insert(entity); refreshSensitiveWord(); return RespUtil.success(); } /** * Edit * @Param entity * @Return result */ @RequestMapping("/edit") @ResponseBody public BaseResp edit(Final Word entity) { wordService.updateById(entity); refreshSensitiveWord(); return RespUtil.success(); } /** * Remove * @Param ID entity * @Return result */ @RequestMapping("/remove/{id}") @ResponseBody public BaseResp remove(@PathVariable final Integer id) { wordService.deleteById(id); refreshSensitiveWord(); return RespUtil.success(); } /** * Refresh sensitive words ** can be optimized for asynchronous, or even batch. * @since 1.1.0 */ private void refreshSensitiveWord() {sensitiveWords.init (); }}
Provide external interface
The interfaces provided here are for demonstration purposes only:
/** * API service * @author * @since 1.1.0 */ @restController @requestMapping ("/ API /sensitiveWord/") @autolog @traceid public class ApiSensitiveWordController { @Autowired private SensitiveWordBs sensitiveWordBs; @RequestMapping("/contains") public BaseResp. @RequestMapping("/contains") public BaseResp contains(@RequestParam("text") String text) { boolean contains = sensitiveWordBs.contains(text); return RespUtil.of(contains); } /** * Gets all the references * @Param Text * @Return result */ @RequestMapping("/findAll") public BaseResp findAll(@RequestParam("text") String text) { List<String> results = sensitiveWordBs.findAll(text); return RespUtil.of(results); } /** * Get the result ** @Param Text * @Return result */ @RequestMapping("/ Replace ") public BaseResp replace(@RequestParam("text") String text) { String results = sensitiveWordBs.replace(text); return RespUtil.of(results); }}
If we actually provide services to the outside world, it will be much more complicated than that, if you have to consider the security related issues.
Recommended reading:
How do I implement my own API gateway from zero?
You don’t even know the external interface signature? I still have time to learn
Enter the world of symmetric encryption algorithms with you
Introduction to three ways SpringBoot implements interceptors
summary
Sensitive words are widely used, and need to be considered anywhere where users can speak freely.
The purpose of this article is to show you how to implement an out-of-the-box sensitive word service based on Sensitive-Word.
I am an old horse, looking forward to the next meeting with you.
Note: There is a lot of code involved, which is simplified in the article. If you are interested in the source code, you can pay attention to {old horse roar west wind}, the background reply {sensitive words} can be obtained.