Commit 307c37a21b87b4ff2761cd4986cc70dd1676af69
1 parent
c231102e
chore(usr): 登录限流阈值配置项 REQ-USR-004
Showing
2 changed files
with
38 additions
and
0 deletions
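--- a/backend/src/main/resources/application.yml
+++ b/backend/src/main/resources/application.yml
@@ -32,6 +32,13 @@ jwt:
 # 过期时间(毫秒),默认 12 小时
 expire-millis: ${JWT_EXPIRE_MILLIS:43200000}
 
+# 登录限流(REQ-USR-004 spec § 8 D7):进程内按用户名连续失败计数,
+# 达 max-fail 次后锁定 lock-seconds 秒。config-vars 无该键,采用默认值并允许 env 覆盖。
+auth:
+ login:
+ max-fail: ${AUTH_LOGIN_MAX_FAIL:5}
+ lock-seconds: ${AUTH_LOGIN_LOCK_SECONDS:300}
+
 logging:
 level:
 com.xly.erp: INFO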
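Review bot: `max-fail` and `lock-seconds` take whatever `AUTH_LOGIN_MAX_FAIL` / `AUTH_LOGIN_LOCK_SECONDS` supply, and nothing in this section states or enforces a valid range, so a zero, negative or very large override could weaken or disable the lockout depending on how the service compares the counter (that code is outside this diff). I would extend the comment with the accepted range, e.g. `# max-fail >= 1, lock-seconds >= 1; out-of-range values must fail startup`, and bind the keys through a validated `@ConfigurationProperties` class with `@Min(1)` instead of bare `@Value`. The comment also says the counter is in-process and keyed by username: with more than one instance the effective threshold is presumably max-fail per instance and a restart clears it, and a per-username lock means repeated failed logins against a known username keep that account locked, so both limits are worth stating next to the keys.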
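--- a/backend/src/test/java/com/xly/erp/modules/usr/AuthLoginConfigIT.java
+++ b/backend/src/test/java/com/xly/erp/modules/usr/AuthLoginConfigIT.java
@@ -0,0 +1,31 @@
+package com.xly.erp.modules.usr;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ActiveProfiles;
+
+/**
+ * REQ-USR-004 T6:登录限流配置项可解析(spec § 8 D7)。
+ *
+ * <p>@SpringBootTest + test profile 下断言 auth.login.max-fail / auth.login.lock-seconds
+ * 已声明且能解析为整数(默认 5 / 300),确保 Service @Value 注入不会因缺键启动失败。</p>
+ */
+@SpringBootTest
+@ActiveProfiles("test")
+class AuthLoginConfigIT {
+
+ @Value("${auth.login.max-fail}")
+ private int maxFail;
+
+ @Value("${auth.login.lock-seconds}")
+ private long lockSeconds;
+
+ @Test
+ void loginConfigDefaultsBound() {
+ assertThat(maxFail).isEqualTo(5);
+ assertThat(lockSeconds).isEqualTo(300L);
+ }
+}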
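Review bot: `loginConfigDefaultsBound` asserts only the defaults, and those resolve through `${AUTH_LOGIN_MAX_FAIL:5}` / `${AUTH_LOGIN_LOCK_SECONDS:300}`, so the test fails on any runner that exports those variables and says nothing about how an override or an invalid value is handled. Since these keys gate the login lockout, I would add a case showing that an override binds, e.g. a second class annotated `@SpringBootTest(properties = {"auth.login.max-fail=3", "auth.login.lock-seconds=60"})`, and, once a range check exists, a case showing that a non-positive value fails context startup. The class Javadoc should also state that the test assumes both environment variables are unset and that the test profile does not redefine the keys.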