refactor: 修改跨域返回头中允许Authorization暴露
This commit is contained in:
4
.env.dev
4
.env.dev
@@ -12,8 +12,8 @@ DB_PREFIX = ow_
|
|||||||
DEFAULT_LANG = zh-cn
|
DEFAULT_LANG = zh-cn
|
||||||
|
|
||||||
[JWT]
|
[JWT]
|
||||||
TTL = 3600
|
TTL=3600
|
||||||
REFRESH_TTL = 20160
|
REFRESH_TTL=20160
|
||||||
SECRET=b43e6276644ed60e65c50d1b324ba10b
|
SECRET=b43e6276644ed60e65c50d1b324ba10b
|
||||||
|
|
||||||
# 后台不需要登录的接口
|
# 后台不需要登录的接口
|
||||||
|
|||||||
@@ -20,3 +20,7 @@ SECRET=b43e6276644ed60e65c50d1b324ba10b
|
|||||||
[ADMIN_AUTH]
|
[ADMIN_AUTH]
|
||||||
WHITE_LIST[] = v1/user/login
|
WHITE_LIST[] = v1/user/login
|
||||||
WHITE_LIST[] = v1/user/captcha
|
WHITE_LIST[] = v1/user/captcha
|
||||||
|
|
||||||
|
# 不需记录日志的接口
|
||||||
|
[ADMIN_API]
|
||||||
|
IGNORE_LOGGING_LIST[] = v1/OperateLog/index
|
||||||
@@ -6,7 +6,7 @@ return [
|
|||||||
'allowed_origins_patterns' => [],
|
'allowed_origins_patterns' => [],
|
||||||
'allowed_methods' => ['GET', 'POST', 'DELETE', 'PUT', 'OPTIONS'],
|
'allowed_methods' => ['GET', 'POST', 'DELETE', 'PUT', 'OPTIONS'],
|
||||||
'allowed_headers' => ['Content-Type', 'Authorization', 'Refresh-Authorization', 'Content-Disposition'],
|
'allowed_headers' => ['Content-Type', 'Authorization', 'Refresh-Authorization', 'Content-Disposition'],
|
||||||
'exposed_headers' => [],
|
'exposed_headers' => ['Authorization'],
|
||||||
'max_age' => 7200,
|
'max_age' => 7200,
|
||||||
'supports_credentials' => true,
|
'supports_credentials' => true,
|
||||||
];
|
];
|
||||||
|
|||||||
Reference in New Issue
Block a user