From e8aa64bfac6f92d883e676d05a8c09749e11af4a Mon Sep 17 00:00:00 2001 From: xelnage Date: Thu, 22 Jan 2026 15:14:46 +0800 Subject: [PATCH] Enhance data protection setup in Startup.cs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 修复启动时找不到密匙文件提示的警告,并将密匙文件放入keys文件夹。 --- src/SSCMS.Web/Startup.cs | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/src/SSCMS.Web/Startup.cs b/src/SSCMS.Web/Startup.cs index eba6717b9..1a40a043d 100644 --- a/src/SSCMS.Web/Startup.cs +++ b/src/SSCMS.Web/Startup.cs @@ -50,8 +50,30 @@ public Startup(IWebHostEnvironment env, IConfiguration config) public void ConfigureServices(IServiceCollection services) { - var directory = new DirectoryInfo(_env.ContentRootPath); - services.AddDataProtection().PersistKeysToFileSystem(directory); + // 创建专门的密钥目录,避免非密钥文件干扰 + var keysDirectory = Path.Combine(_env.ContentRootPath, "keys"); + Directory.CreateDirectory(keysDirectory); + + var entryAssembly = Assembly.GetExecutingAssembly(); + + var dataProtectionBuilder = services.AddDataProtection() + .PersistKeysToFileSystem(new DirectoryInfo(keysDirectory)) + .SetApplicationName(entryAssembly.GetName().Name) + .SetDefaultKeyLifetime(TimeSpan.FromDays(90)); + + // 配置XML加密器,根据不同平台选择合适的密钥保护方式 + // 仅在Windows平台上使用DPAPI/DPAPI-NG,其他平台使用默认保护(文件系统) + if (System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(System.Runtime.InteropServices.OSPlatform.Windows)) + { + try + { + dataProtectionBuilder.ProtectKeysWithDpapi(); + } + catch + { + dataProtectionBuilder.ProtectKeysWithDpapiNG(); + } + } var entryAssembly = Assembly.GetExecutingAssembly(); var assemblies = new List { entryAssembly }.Concat(entryAssembly.GetReferencedAssemblies().Select(Assembly.Load));