重新修改跨站问题，使用nginx配置进行处理，修改department文件中返回结果错误的问题

2025-11-18 16:07:59 +08:00 · 2025-11-18 16:07:59 +08:00 · 8a994fe9d6
commit 8a994fe9d6
parent 6e8d06dad3
3 changed files with 11 additions and 20 deletions
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -53,19 +53,12 @@ http {
        set $APP_PATH '/home/frankly/work/AuthPlatform';

        # 全局 CORS 配置 访问时允许跨域处理
-        access_by_lua_block {
-            ngx.header["Access-Control-Allow-Origin"] = "*"  -- 允许所有源，或者指定特定的源，例如 "http://example.com"
-            --ngx.header["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS"
-            ngx.header["Access-Control-Allow-Methods"] = "*"
-            --ngx.header["Access-Control-Allow-Headers"] = "Content-Type, Authorization"
-            ngx.header["Access-Control-Allow-Headers"] = "*"
-            ngx.header["Access-Control-Max-Age"] = 1728000  -- 预检结果缓存时间，单位秒
-            print("request_method:", ngx.var.request_method)
-            if ngx.var.request_method == "OPTIONS" then
-                ngx.header["Content-Length"] = 0  -- 对于 OPTIONS 请求，内容长度为0
-                ngx.status = 204  -- No Content，适用于 OPTIONS 请求的响应状态码
-                ngx.exit(ngx.OK)  -- 结束请求处理
-            end
+        add_header Access-Control-Allow-Origin *;
+        add_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, OPTIONS';
+        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
+
+        if ($request_method = 'OPTIONS') {
+            return 204;
        }

        #OP端点配置
--- a/src/auth/jwt-auth.lua
+++ b/src/auth/jwt-auth.lua
@ -2,6 +2,8 @@ local jwt = require "resty.jwt"
 local cjson = require("cjson.safe")
 local jsonschema = require("jsonschema")
 local conf = require("config")
+local status = require("util.status")
+local resp = require("util.response")

 -- 定义一个JSON Schema
 local schema = {
@ -11,12 +13,6 @@ local schema = {
    }, required = {"Authorization"}
 }

--对域检方法类型进行直接返回
-if ngx.var.request_method == "OPTIONS" then
-    ngx.status = 204  -- No Content，适用于 OPTIONS 请求的响应状态码
-    ngx.exit(ngx.OK)  -- 结束请求处理
-end
-
 --获取用户认证数据信息
 local auth_header = ngx.var.http_Authorization

--- a/src/service/system/department.lua
+++ b/src/service/system/department.lua
@ -22,7 +22,9 @@ function _M.getSystemDepartments()
        ngx.exit(ngx.HTTP_FORBIDDEN)
    end
    local code, ret = departmentDao.getSystemDepartments()
-    resp:response(code, ret)
+    local state = status.SUCCESS
+    if code ~= 0 then state = status.DATA_IS_WRONG end
+    resp: response(state, ret)
 end

 --根据组织id获取组织架构信息