feat: 添加安全模块 + Dockerfile添加curl支持健康检查
主要更新: - 新增 security/ 安全模块 (风险评估、威胁检测、蜜罐等) - Dockerfile 添加 curl 以支持 Docker 健康检查 - 前端页面更新 (管理后台、用户端) - 数据库迁移和 schema 更新 - 新增 kdocs 上传服务 - 添加安全相关测试用例 Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Yu Yon
21
app.py
21
app.py
@@ -32,9 +32,9 @@ from browser_pool_worker import init_browser_worker_pool, shutdown_browser_worke
|
||||
from realtime.socketio_handlers import register_socketio_handlers
|
||||
from realtime.status_push import status_push_worker
|
||||
from routes import register_blueprints
|
||||
from services.browser_manager import init_browser_manager
|
||||
from security import init_security_middleware
|
||||
from services.checkpoints import init_checkpoint_manager
|
||||
from services.maintenance import start_cleanup_scheduler
|
||||
from services.maintenance import start_cleanup_scheduler, start_kdocs_monitor
|
||||
from services.models import User
|
||||
from services.runtime import init_runtime
|
||||
from services.scheduler import scheduled_task_worker
|
||||
@@ -98,6 +98,9 @@ init_logging(log_level=config.LOG_LEVEL, log_file=config.LOG_FILE)
|
||||
logger = get_logger("app")
|
||||
init_runtime(socketio=socketio, logger=logger)
|
||||
|
||||
# 初始化安全中间件(需在其他中间件/Blueprint 之前注册)
|
||||
init_security_middleware(app)
|
||||
|
||||
# 注册 Blueprint(路由不变)
|
||||
register_blueprints(app)
|
||||
|
||||
@@ -195,7 +198,7 @@ def cleanup_on_exit():
|
||||
except Exception:
|
||||
pass
|
||||
|
||||
logger.info("- 关闭浏览器线程池...")
|
||||
logger.info("- 关闭截图线程池...")
|
||||
try:
|
||||
shutdown_browser_worker_pool()
|
||||
except Exception:
|
||||
@@ -264,6 +267,7 @@ if __name__ == "__main__":
|
||||
logger.warning(f"警告: 邮件服务初始化失败: {e}")
|
||||
|
||||
start_cleanup_scheduler()
|
||||
start_kdocs_monitor()
|
||||
|
||||
try:
|
||||
system_config = database.get_system_config() or {}
|
||||
@@ -274,15 +278,6 @@ if __name__ == "__main__":
|
||||
except Exception as e:
|
||||
logger.warning(f"警告: 加载并发配置失败,使用默认值: {e}")
|
||||
|
||||
logger.info("正在初始化浏览器管理器...")
|
||||
try:
|
||||
from services.browser_manager import init_browser_manager_async
|
||||
|
||||
logger.info("启动浏览器环境初始化(后台进行,不阻塞服务启动)...")
|
||||
init_browser_manager_async()
|
||||
except Exception as e:
|
||||
logger.warning(f"警告: 启动浏览器初始化失败: {e}")
|
||||
|
||||
logger.info("启动定时任务调度器...")
|
||||
threading.Thread(target=scheduled_task_worker, daemon=True, name="scheduled-task-worker").start()
|
||||
logger.info("✓ 定时任务调度器已启动")
|
||||
@@ -301,7 +296,7 @@ if __name__ == "__main__":
|
||||
except Exception:
|
||||
pool_size = 3
|
||||
try:
|
||||
logger.info(f"初始化截图线程池({pool_size}个worker,按需启动浏览器,空闲5分钟后自动关闭)...")
|
||||
logger.info(f"初始化截图线程池({pool_size}个worker,按需启动执行环境,空闲5分钟后自动释放)...")
|
||||
init_browser_worker_pool(pool_size=pool_size)
|
||||
logger.info("✓ 截图线程池初始化完成")
|
||||
except Exception as e:
|
||||
|
||||
Reference in New Issue
Block a user