From 22a5ad3acef0bfb8353dac64d4cbe0d52f6d2a07 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期五, 01 九月 2023 10:16:41 +0800
Subject: [PATCH] [UPDATE] 解決弱點Use of hard-coded cryptographic key , 把key移到設定檔
---
pamapi/src/main/resources/config/application-dev.yml | 26 ++++++++++++++++++++------
1 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/pamapi/src/main/resources/config/application-dev.yml b/pamapi/src/main/resources/config/application-dev.yml
index ddf5c77..14ce3bd 100644
--- a/pamapi/src/main/resources/config/application-dev.yml
+++ b/pamapi/src/main/resources/config/application-dev.yml
@@ -32,8 +32,8 @@
indent-output: true
datasource:
type: com.zaxxer.hikari.HikariDataSource
- url: jdbc:postgresql://dev.pollex.com.tw:5433/pam
- #url: jdbc:postgresql://localhost:5432/omo?currentSchema=omo
+ url: jdbc:postgresql://dev.pollex.com.tw:5433/pam_p2
+ #url: jdbc:postgresql://localhost:5432/omo?currentSchema=public
username: pamadmin
password: pamadmin
hikari:
@@ -45,10 +45,16 @@
# Remove 'faker' if you do not want the sample data to be loaded automatically
contexts: dev, faker
mail:
- host: localhost
- port: 25
- username:
- password:
+ host: smtp.gmail.com
+ port: 587
+ username: pollex.testing@gmail.com
+ password: ilismmmhtscppxft
+ properties:
+ mail:
+ smtp:
+ auth: true
+ starttls:
+ enable: true
messages:
cache-duration: PT1S # 1 second, see the ISO 8601 standard
thymeleaf:
@@ -119,11 +125,19 @@
e-service-login-url: https://eserviceuat.pcalife.com.tw/sso/chatbotValidate
e-service-login-func: ValidateUsrLogin
e-service-login-sys: epos
+ front-end-domain: 'http://localhost:3000/#'
sms:
+ send-notify-msg: false
url: https://localhost:8081/testSMS
source-code: ePos
sender: POS
sms-type: '0017'
+ subject: '慦�像��'
email:
+ send-notify-msg: false
url: https://localhost:8081/testEmail
function-id: epos
+ sender-email: noreply@pcalife.com.tw
+ method: 'POLLEX_GMAIL'
+ file-folder-path: C://pam_file
+ aes-key: PAMKEY1234567890
--
Gitblit v1.8.0