OMC/be.ems
1
0
Fork 0
Code Issues Releases 3 Activity

feat: 跨域中间件

Browse Source
This commit is contained in:
TsMask
2023-09-07 21:04:29 +08:00
parent 7b243bf0dd
commit 4f3878e4a2
4 changed files with 68 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/core/utils/ctx/ctx.go
View File

@@ -47,16 +47,6 @@ func ShouldBindJSON(r *http.Request, args any) error {
// JSON 相应json数据 // JSON 相应json数据
func JSON(w http.ResponseWriter, code int, data any) { func JSON(w http.ResponseWriter, code int, data any) {
// 跨域响应头
// To solve cross domain issue
w.Header().Set("Access-Control-Allow-Origin", "*")
// w.Header().Set("Access-Control-Allow-Methods", "POST, GET, PUT, DELETE, OPTIONS")
w.Header().Set("Access-Control-Allow-Methods", "*")
w.Header().Set("Access-Control-Allow-Headers", "*")
// w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
// w.Header().Set("Access-Control-Allow-Headers", "AccessToken")
w.Header().Set("Access-Control-Expose-Headers", "Access-Control-Allow-Headers, Token")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.Header().Set("Content-Type", "application/json;charset=UTF-8") w.Header().Set("Content-Type", "application/json;charset=UTF-8")
response, err := json.Marshal(data) response, err := json.Marshal(data)

64
lib/midware/cors.go Normal file
View File

@@ -0,0 +1,64 @@
package midware
import (
"net/http"
"strings"
)
// Cors 跨域
func Cors(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// 设置Vary头部
w.Header().Set("Vary", "Origin")
w.Header().Set("Keep-Alive", "timeout=5")
requestOrigin := r.Header.Get("Origin")
if requestOrigin == "" {
next.ServeHTTP(w, r)
return
}
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Credentials", "true")
// OPTIONS
if r.Method == "OPTIONS" {
requestMethod := r.Header.Get("Access-Control-Request-Method")
if requestMethod == "" {
next.ServeHTTP(w, r)
return
}
// 响应最大时间值
w.Header().Set("Access-Control-Max-Age", "31536000")
// 允许方法
allowMethods := []string{
"OPTIONS",
"HEAD",
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
}
w.Header().Set("Access-Control-Allow-Methods", strings.Join(allowMethods, ","))
// 允许请求头
allowHeaders := []string{
"Accesstoken",
}
w.Header().Set("Access-Control-Allow-Headers", strings.Join(allowHeaders, ","))
w.WriteHeader(500)
return
}
// 暴露请求头
exposeHeaders := []string{"X-RepeatSubmit-Rest", "AccessToken"}
w.Header().Set("Access-Control-Expose-Headers", strings.Join(exposeHeaders, ","))
next.ServeHTTP(w, r)
})
}

2
lib/midware/midhandle.go
View File

@@ -37,6 +37,7 @@ func LoggerTrace(next http.Handler) http.Handler {
}) })
} }
// 已禁用
func OptionProcess(next http.Handler) http.Handler { func OptionProcess(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method == "OPTIONS" { if r.Method == "OPTIONS" {
@@ -48,6 +49,7 @@ func OptionProcess(next http.Handler) http.Handler {
}) })
} }
// 已禁用
func CheckPermission(next http.Handler) http.Handler { func CheckPermission(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("AccessToken") token := r.Header.Get("AccessToken")

3
lib/routes/routes.go
View File

@@ -348,7 +348,8 @@ func NewRouter() *mux.Router {
r.MethodNotAllowedHandler = services.CustomResponseMethodNotAllowed405Handler() r.MethodNotAllowedHandler = services.CustomResponseMethodNotAllowed405Handler()
r.Use(midware.LoggerTrace) r.Use(midware.LoggerTrace)
r.Use(midware.OptionProcess) r.Use(midware.Cors)
// r.Use(midware.OptionProcess)
// r.Use(midware.ArrowIPAddr) // r.Use(midware.ArrowIPAddr)
for _, router := range routers { for _, router := range routers {