更新基础架构

2026-04-21 09:24:33 +08:00 · 2026-01-27 09:07:38 +08:00
parent 28f1a2855c
commit 4a34feec54
36 changed files with 1289 additions and 540 deletions
--- a/app/common/middleware/Cors.php
+++ b/app/common/middleware/Cors.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace app\common\middleware;
+
+use Webman\MiddlewareInterface;
+use Webman\Http\Response;
+use Webman\Http\Request;
+
+/**
+ * 全局跨域中间件
+ * 处理前后端分离项目中的跨域请求问题
+ */
+class Cors implements MiddlewareInterface
+{
+    /**
+     * 处理请求
+     * @param Request $request 请求对象
+     * @param callable $handler 下一个中间件处理函数
+     * @return Response 响应对象
+     */
+    public function process(Request $request, callable $handler): Response
+    {
+        $response = strtoupper($request->method()) === 'OPTIONS' ? response('', 204) : $handler($request);
+
+        $response->withHeaders([
+            'Access-Control-Allow-Credentials' => 'true',
+            'Access-Control-Allow-Origin' => $request->header('origin', '*'),
+            'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
+            'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
+        ]);
+
+        return $response;
+    }
+}
--- a/app/common/middleware/StaticFile.php
+++ b/app/common/middleware/StaticFile.php
@@ -0,0 +1,42 @@
+<?php
+/**
+ * This file is part of webman.
+ *
+ * Licensed under The MIT License
+ * For full copyright and license information, please see the MIT-LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @author    walkor<walkor@workerman.net>
+ * @copyright walkor<walkor@workerman.net>
+ * @link      http://www.workerman.net/
+ * @license   http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+
+namespace app\common\middleware;
+
+use Webman\MiddlewareInterface;
+use Webman\Http\Response;
+use Webman\Http\Request;
+
+/**
+ * Class StaticFile
+ * @package app\middleware
+ */
+class StaticFile implements MiddlewareInterface
+{
+    public function process(Request $request, callable $handler): Response
+    {
+        // Access to files beginning with. Is prohibited
+        if (strpos($request->path(), '/.') !== false) {
+            return response('<h1>403 forbidden</h1>', 403);
+        }
+        /** @var Response $response */
+        $response = $handler($request);
+        // Add cross domain HTTP header
+        /*$response->withHeaders([
+            'Access-Control-Allow-Origin'      => '*',
+            'Access-Control-Allow-Credentials' => 'true',
+        ]);*/
+        return $response;
+    }
+}