更新公共跨域

2026-01-28 23:37:51 +08:00 · 2026-01-28 23:37:51 +08:00 · 18dfebf0de
commit 18dfebf0de
parent 743d8d9ddf
4 changed files with 9 additions and 20 deletions
--- a/.env
+++ b/.env
@ -1,8 +1,8 @@
 APP_DEBUG = true

 DB_TYPE = mysql
-DB_HOST = 10.168.1.239
-DB_NAME = official_website
+DB_HOST = 192.168.31.10
+DB_NAME = official_webiste
 DB_USER = official
 DB_PASS = meitian@#!
 DB_PORT = 3306
--- a/app/admin/middleware.php
+++ b/app/admin/middleware.php
@ -6,6 +6,7 @@ return [
    // 多语言加载
    // \think\middleware\LoadLangPack::class,
    // Session初始化
+    \app\common\middleware\AllowCrossDomain::class,
    \think\middleware\SessionInit::class,
 ];

--- a/app/common/middleware/AllowCrossDomain.php
+++ b/app/common/middleware/AllowCrossDomain.php
@ -1,28 +1,27 @@
 <?php

-namespace app\admin\middleware;
+namespace app\common\middleware;

 use think\Response;
 use think\Request;

 /**
- * 自定义跨域中间件
- * 解决 AJAX 请求 Cookie 传递问题
+ * 公共跨域中间件
+ * 供所有应用共用
 */
-class CustomCors
+class AllowCrossDomain
 {
    public function handle(Request $request, \Closure $next): Response
    {
        $origin = $request->header('origin', '');
        
-        // 允许的域名列表（根据实际情况修改）
        $allowedDomains = [
            'http://localhost:3000',
            'http://localhost:8000',
            'http://127.0.0.1:3000',
            'http://127.0.0.1:8000',
-            'http://backapi.yunzer.cn',
            'http://localhost:5173',
+            'http://backapi.yunzer.cn',
            'http://www.yunzer.cn',
            'https://www.yunzer.cn',
            'http://yunzer.cn',
@ -33,11 +32,9 @@ class CustomCors
            'https://backend.yunzer.cn',
        ];
        
-        // 检查是否为允许的域名
        if (in_array($origin, $allowedDomains)) {
            $header['Access-Control-Allow-Origin'] = $origin;
        } else {
-            // 对于同源请求，允许当前域名
            if (!empty($origin)) {
                $header['Access-Control-Allow-Origin'] = $origin;
            } else {
@ -45,13 +42,11 @@ class CustomCors
            }
        }
        
-        // 处理 OPTIONS 预检请求，直接返回
        if ($request->method() === 'OPTIONS') {
            $header['Access-Control-Allow-Credentials'] = 'true';
            $header['Access-Control-Max-Age'] = 1800;
            $header['Access-Control-Allow-Methods'] = 'GET, POST, PATCH, PUT, DELETE, OPTIONS';
            $header['Access-Control-Allow-Headers'] = 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With';
-            \think\facade\Log::record('CORS OPTIONS preflight for: ' . $origin);
            return response('', 200, $header);
        }
        
--- a/app/index/middleware.php
+++ b/app/index/middleware.php
@ -1,12 +1,5 @@
 <?php
-// 全局中间件定义文件
 return [
-    // 全局跨域中间件
-    \think\middleware\AllowCrossDomain::class,
-    // 全局请求缓存
-    // \think\middleware\CheckRequestCache::class,
-    // 多语言加载
-    // \think\middleware\LoadLangPack::class,
-    // Session初始化
+    \app\common\middleware\AllowCrossDomain::class,
    \think\middleware\SessionInit::class,
 ];