feat: 添加跨域

asserts/qrcode/u3-320753572.png

@@ -0,0 +1 @@
+{"errcode":41001,"errmsg":"access_token missing rid: 60d59b78-595d0b73-04c0ba36"}

i2bill.go

@@ -31,6 +31,10 @@ func main() {
 	defer server.Stop()
 
 	handler.RegisterHandlers(server, ctx)
+
+	server.Use(handler.Cors(ctx))
+	server.AddRoutes(handler.CorsCheck())
+
 	server.AddRoutes(handler.Static("/asserts/", handler.LocalFile("asserts", false)))
 	fmt.Printf("Starting server at %s:%d...\n", c.Host, c.Port)
 	server.Start()

internal/handler/static.go → internal/handler/middles.go

@@ -7,6 +7,7 @@ import (
 	"strings"
 
 	"git.i2edu.net/i2/go-zero/rest"
+	"git.i2edu.net/i2/i2-bill-api/internal/svc"
 )
 
 const INDEX = "index.html"
@@ -98,3 +99,40 @@ func Static(urlPrefix string, fs ServeFileSystem) (r []rest.Route) {
 	}
 	return
 }
+
+// CorsCheck returns a middleware handler that serves static files in the given directory.
+func CorsCheck() (r []rest.Route) {
+	dirlevel := []string{":1", ":2", ":3", ":4", ":5", ":6", ":7", ":8"}
+	for i := 1; i < len(dirlevel); i++ {
+		path := "/" + strings.Join(dirlevel[:i], "/")
+		r = append(r, rest.Route{
+			Method: http.MethodOptions,
+			Path:   path,
+			Handler: func(w http.ResponseWriter, r *http.Request) {
+				w.Header().Set("Access-Control-Allow-Origin", "*")
+				w.Header().Set("Access-Control-Max-Age", "86400")
+				w.Header().Set("Access-Control-Allow-Methods", "POST, GET, PUT, DELETE, UPDATE, OPTIONS")
+				w.Header().Set("Access-Control-Allow-Headers", "token, Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
+				w.Header().Set("Access-Control-Expose-Headers", "Content-Length, Content-Disposition")
+				w.Header().Set("Access-Control-Allow-Credentials", "true")
+				w.WriteHeader(http.StatusNoContent)
+			},
+		})
+	}
+	return r
+}
+
+// Cors returns a middleware handler that serves static files in the given directory.
+func Cors(ctx *svc.ServiceContext) func(next http.HandlerFunc) http.HandlerFunc {
+	return func(next http.HandlerFunc) http.HandlerFunc {
+		return func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+			w.Header().Set("Access-Control-Max-Age", "86400")
+			w.Header().Set("Access-Control-Allow-Methods", "POST, GET, PUT, DELETE, UPDATE, OPTIONS")
+			w.Header().Set("Access-Control-Allow-Headers", "token, Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
+			w.Header().Set("Access-Control-Expose-Headers", "Content-Length, Content-Disposition")
+			w.Header().Set("Access-Control-Allow-Credentials", "true")
+			next.ServeHTTP(w, r)
+		}
+	}
+}