🐛 刷新token与跨域问题

.gitignore

@@ -22,3 +22,4 @@ dist/
 # vendor/
 *.yml
 bin/*
+alist

README.md

@@ -1,4 +1,4 @@
-<p>
+<p align="center">
     <img src="https://img.oez.cc/2020/12/24/1fb16bc25a4f6.png" alt="RenewalManage Logo" width=200/>
 </p>
 <p align="center">
@@ -10,6 +10,7 @@
     <img src="https://img.shields.io/badge/%24-donate-ff69b4.svg" alt="donate">
   </a>
 </p>
+---
 
 ### 这是什么？
 
@@ -47,6 +48,7 @@
 - [x] `Readme`渲染
 - [x] 密码加密
 - [ ] 搜索与翻页
+- [ ] 文件直链
 - [ ] 路径优化
 - [ ] 缓存
 

alidrive/auth.go

@@ -66,9 +66,10 @@ func RefreshToken() bool {
 			return false
 		}
 	}
-	//刷新成功 更新token
+	//刷新成功 更新token并写入文件
 	conf.Conf.AliDrive.AccessToken=token.AccessToken
 	conf.Conf.AliDrive.RefreshToken=token.RefreshToken
 	conf.Authorization=token.TokenType+"\t"+token.AccessToken
+	utils.WriteToYml(conf.Con,conf.Conf)
 	return true
 }

bootstrap/cron.go

@@ -2,8 +2,6 @@ package bootstrap
 
 import (
 	"github.com/Xhofe/alist/alidrive"
-	"github.com/Xhofe/alist/conf"
-	"github.com/Xhofe/alist/utils"
 	"github.com/robfig/cron/v3"
 	log "github.com/sirupsen/logrus"
 )
@@ -12,7 +10,6 @@ var Cron *cron.Cron
 
 func refreshToken()  {
 	alidrive.RefreshToken()
-	utils.WriteToYml(conf.Con,conf.Conf)
 }
 
 func InitCron() {

server/middlewares.go

@@ -1,6 +1,7 @@
 package server
 
 import (
+	"github.com/Xhofe/alist/conf"
 	"github.com/gin-gonic/gin"
 	"net/http"
 )
@@ -9,13 +10,13 @@ func CrosHandler() gin.HandlerFunc {
 	return func(context *gin.Context) {
 		method := context.Request.Method
 		context.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		context.Header("Access-Control-Allow-Origin", "*") // 设置允许访问所有域
+		context.Header("Access-Control-Allow-Origin", conf.Conf.Info.SiteUrl) // 设置允许访问所有域
 		context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
 		context.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token,session,X_Requested_With,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language,DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Pragma,token,openid,opentoken")
 		context.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma,FooBar")
 		context.Header("Access-Control-Max-Age", "172800")
-		context.Header("Access-Control-Allow-Credentials", "false")
+		context.Header("Access-Control-Allow-Credentials", "true")
-		context.Set("content-type", "application/json")  //设置返回格式是json
+		//context.Set("content-type", "application/json")  //设置返回格式是json
 
 		if method == "OPTIONS" {
 			context.JSON(http.StatusOK, metaResponse(200,"Options Request!"))