跨域

app/api/middleware/AllowCrossDomain.php

@@ -2,19 +2,49 @@
 declare(strict_types=1);
 namespace app\api\middleware;
 
+use Closure;
+use think\Config;
+use think\Request;
+use think\Response;
+
 class AllowCrossDomain{
     
-    public function handle($request, \Closure $next)
+    protected $cookieDomain;
+
+    protected $header = [
+        'Access-Control-Allow-Credentials' => 'true',
+        'Access-Control-Max-Age'           => 1800,
+        'Access-Control-Allow-Methods'     => 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
+        'Access-Control-Allow-Headers'     => 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With',
+    ];
+
+    public function __construct(Config $config)
     {
-        header('Access-Control-Allow-Origin: *'); // 或者指定具体域名  
-        header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');  
-        header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');  
-        header('Access-Control-Allow-Credentials: true');  
-    
-        if ($request->method() === 'OPTIONS') {  
-            return response()->code(204);  
-        }  
-    
-        return $next($request);  
+        $this->cookieDomain = $config->get('cookie.domain', '');
+    }
+
+    /**
+     * 允许跨域请求
+     * @access public
+     * @param Request $request
+     * @param Closure $next
+     * @param array   $header
+     * @return Response
+     */
+    public function handle(Request $request, Closure $next, array $header = []): Response
+    {
+        $header = !empty($header) ? array_merge($this->header, $header) : $this->header;
+
+        if (!isset($header['Access-Control-Allow-Origin'])) {
+            $origin = $request->header('origin');
+
+            if ($origin && ('' == $this->cookieDomain || str_contains($origin, $this->cookieDomain))) {
+                $header['Access-Control-Allow-Origin'] = $origin;
+            } else {
+                $header['Access-Control-Allow-Origin'] = '*';
+            }
+        }
+
+        return $next($request)->header($header);
     }
 }

app/api/route/route.php

@@ -8,12 +8,12 @@ use think\facade\Route;
 Route::group('user', function () {
 
       Route::rule('test','test/index','GET|POST');
-      Route::rule('withdraw','transaction/withdraw','GET|POST');
+      Route::rule('login','user/login','POST');
       Route::rule('getTxhashDetail','transaction/getTxhashDetail','GET|POST');
       Route::rule('createAddress','transaction/createAddress','GET|POST');
 
-
-})->middleware(\app\api\middleware\AllowCrossDomain::class);
+    // \think\middleware\AllowCrossDomain::class
+})->middleware(\think\middleware\AllowCrossDomain::class);
 
 
 

app/middleware.php

@@ -7,5 +7,5 @@ return [
     //应用结束
     app\common\middleware\EndApp::class,
 
-    \app\api\middleware\AllowCrossDomain::class,
+    \think\middleware\AllowCrossDomain::class
 ];