修改配置直接跨站，并对前端请求的options预检进行过滤，防止前端报错无法访问接口

conf/nginx.conf

@@ -13,7 +13,7 @@ http {
     client_max_body_size 1024M;      #允许最大100k的请求体
     client_body_buffer_size  1024M;   #设置缓冲区大小
 
-    #lua_code_cache off; #关闭代码缓存，修改lua脚本不需要重启
+    lua_code_cache on; #代码缓存
 
     lua_package_path '$prefix/src/?/?.lua;$prefix/src/?.lua;/home/frankly/work/AuthPlatform/src/?/?.lua;/home/frankly/work/AuthPlatform/src/?.lua;;';
     lua_package_cpath '$prefix/src/share/lib/?.so;/home/frankly/work/AuthPlatform/src/share/lib/?.so;;';
@@ -52,16 +52,19 @@ http {
         ## 应用路径 todo 路径问题
         set $APP_PATH '/home/frankly/work/AuthPlatform';
 
-        #访问时允许跨域处理
+        # 全局 CORS 配置 访问时允许跨域处理
         access_by_lua_block {
-            ngx.header["Access-Control-Allow-Origin"] = "*";
+            ngx.header["Access-Control-Allow-Origin"] = "*"  -- 允许所有源，或者指定特定的源，例如 "http://example.com"
-            ngx.header["Access-Control-Allow-Methods"] = "GET, POST, DELETE, PUT";
+            --ngx.header["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS"
-            ngx.header["Access-Control-Allow-Headers"] = "*";
+            ngx.header["Access-Control-Allow-Methods"] = "*"
-            ngx.header["Access-Control-Max-Age"] = 1728000;
+            --ngx.header["Access-Control-Allow-Headers"] = "Content-Type, Authorization"
-            ngx.header["Access-Control-Expose-Headers"] = "*";
+            ngx.header["Access-Control-Allow-Headers"] = "*"
+            ngx.header["Access-Control-Max-Age"] = 1728000  -- 预检结果缓存时间，单位秒
+            print("request_method:", ngx.var.request_method)
             if ngx.var.request_method == "OPTIONS" then
-                ngx.status = 204
+                ngx.header["Content-Length"] = 0  -- 对于 OPTIONS 请求，内容长度为0
-                ngx.exit(ngx.OK)
+                ngx.status = 204  -- No Content，适用于 OPTIONS 请求的响应状态码
+                ngx.exit(ngx.OK)  -- 结束请求处理
             end
         }
 

src/auth/jwt-auth.lua

@@ -11,6 +11,12 @@ local schema = {
     }, required = {"Authorization"}
 }
 
+--对域检方法类型进行直接返回
+if ngx.var.request_method == "OPTIONS" then
+    ngx.status = 204  -- No Content，适用于 OPTIONS 请求的响应状态码
+    ngx.exit(ngx.OK)  -- 结束请求处理
+end
+
 --获取用户认证数据信息
 local auth_header = ngx.var.http_Authorization
 

src/util/response.lua

@@ -13,6 +13,7 @@ function _M:json(state, message, data, http_status)
         msg = status.message
 	end
 	local response = { code = code, msg = msg, result = data, timestamp = ngx.time() }
+    print("response:", cjson.encode(response))
 	return {
 		code = response_status,
 		headers = { content_type = 'application/json; charset=UTF-8' },
@@ -27,6 +28,7 @@ function _M:json(state, data, http_status)
 	local msg = status.message
 	local response_status = http_status or ngx.HTTP_OK
     local response = { code = code, msg = msg, result = data,timestamp = ngx.time() }
+    --print("response:", cjson.encode(response))
     return {
         code = response_status,
         headers = { content_type = 'application/json; charset=UTF-8' },
@@ -59,14 +61,16 @@ function _M:send(response)
 			ngx.header[name] = value
 		end
 	end
+    --print("send data:", response.body)
     if response.body ~= nil then
+        --print("send data:", response.body)
         ngx.say(response.body)
 	end
 end
 
 function _M:response(state, result)
-	local response = self:json(state, result)
+	local resp = self:json(state, result)
-	self:send(response)
+	self:send(resp)
 end
 
 return _M