11

app/middleware/ActionHook.php

@@ -13,7 +13,17 @@ class ActionHook implements MiddlewareInterface
     public function process(Request $request, callable $next) : Response
     {
         if ($request->controller) {
-
+            $headers = [
+                'Access-Control-Allow-Credentials' => 'true',
+                'Access-Control-Allow-Origin' => $request->header('origin', '*'),
+                'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
+                'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
+            ];
+            if($request->method() == 'OPTIONS'){
+                $response = response('',204,$headers);
+                return $response;
+            }
+            log_alert($request->controller);
             // 禁止直接访问beforeAction afterAction
             if (substr($request->action,0,9) === '__before_' || substr($request->action,0,8) === '__after_') {
                 $callback = Route::getFallback() ?? function () {
@@ -38,7 +48,9 @@ class ActionHook implements MiddlewareInterface
                     return $after_response;
                 }
             }
-            
+            if($request->controller == '\\hg\\apidoc\\Controller' && !$response->getHeader('Access-Control-Allow-Methods')){
+                $response->withHeaders($headers);
+            }
             return $response;
         }
         return $next($request);