🐛 刷新token与跨域问题

2020-12-24 20:25:40 +08:00
parent 070b6294cb
commit 17f8c4ae1c
5 changed files with 11 additions and 9 deletions
--- a/.gitignore
+++ b/.gitignore
@ -21,4 +21,5 @@ dist/
 # Dependency directories (remove the comment below to include it)
 # vendor/
 *.yml
-bin/*
+bin/*
+alist
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-<p>
+<p align="center">
    <img src="https://img.oez.cc/2020/12/24/1fb16bc25a4f6.png" alt="RenewalManage Logo" width=200/>
 </p>
 <p align="center">
@ -10,6 +10,7 @@
    <img src="https://img.shields.io/badge/%24-donate-ff69b4.svg" alt="donate">
  </a>
 </p>
+---

 ### 这是什么？

@ -47,6 +48,7 @@
 - [x] `Readme`渲染
 - [x] 密码加密
 - [ ] 搜索与翻页
+- [ ] 文件直链
 - [ ] 路径优化
 - [ ] 缓存

--- a/alidrive/auth.go
+++ b/alidrive/auth.go
@ -66,9 +66,10 @@ func RefreshToken() bool {
 			return false
 		}
 	}
-	//刷新成功 更新token
+	//刷新成功 更新token并写入文件
 	conf.Conf.AliDrive.AccessToken=token.AccessToken
 	conf.Conf.AliDrive.RefreshToken=token.RefreshToken
 	conf.Authorization=token.TokenType+"\t"+token.AccessToken
+	utils.WriteToYml(conf.Con,conf.Conf)
 	return true
 }
--- a/bootstrap/cron.go
+++ b/bootstrap/cron.go
@ -2,8 +2,6 @@ package bootstrap

 import (
 	"github.com/Xhofe/alist/alidrive"
-	"github.com/Xhofe/alist/conf"
-	"github.com/Xhofe/alist/utils"
 	"github.com/robfig/cron/v3"
 	log "github.com/sirupsen/logrus"
 )
@ -12,7 +10,6 @@ var Cron *cron.Cron

 func refreshToken()  {
 	alidrive.RefreshToken()
-	utils.WriteToYml(conf.Con,conf.Conf)
 }

 func InitCron() {
--- a/server/middlewares.go
+++ b/server/middlewares.go
@ -1,6 +1,7 @@
 package server

 import (
+	"github.com/Xhofe/alist/conf"
 	"github.com/gin-gonic/gin"
 	"net/http"
 )
@ -9,13 +10,13 @@ func CrosHandler() gin.HandlerFunc {
 	return func(context *gin.Context) {
 		method := context.Request.Method
 		context.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		context.Header("Access-Control-Allow-Origin", "*") // 设置允许访问所有域
+		context.Header("Access-Control-Allow-Origin", conf.Conf.Info.SiteUrl) // 设置允许访问所有域
 		context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
 		context.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token,session,X_Requested_With,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language,DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Pragma,token,openid,opentoken")
 		context.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma,FooBar")
 		context.Header("Access-Control-Max-Age", "172800")
-		context.Header("Access-Control-Allow-Credentials", "false")
-		context.Set("content-type", "application/json")  //设置返回格式是json
+		context.Header("Access-Control-Allow-Credentials", "true")
+		//context.Set("content-type", "application/json")  //设置返回格式是json

 		if method == "OPTIONS" {
 			context.JSON(http.StatusOK, metaResponse(200,"Options Request!"))