ai_english/serve/internal/middleware/cors.go

package middleware

import (
	"net/http"

	"github.com/gin-gonic/gin"
)

// CORS 跨域中间件
func CORS() gin.HandlerFunc {
	return func(c *gin.Context) {
		method := c.Request.Method
		origin := c.Request.Header.Get("Origin")
		
		// 设置允许的域名
		if origin != "" {
			c.Header("Access-Control-Allow-Origin", origin)
		}
		
		// 设置允许的请求头
		c.Header("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
		
		// 设置允许的请求方法
		c.Header("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE, PATCH")
		
		// 设置是否允许携带凭证
		c.Header("Access-Control-Allow-Credentials", "true")
		
		// 设置预检请求的缓存时间
		c.Header("Access-Control-Max-Age", "86400")
		
		// 处理预检请求
		if method == "OPTIONS" {
			c.AbortWithStatus(http.StatusNoContent)
			return
		}
		
		c.Next()
	}
}