befly 3.4.15 → 3.4.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/config/env.ts +12 -12
  2. package/lib/middleware.ts +10 -10
  3. package/package.json +2 -2
  4. package/router/api.ts +1 -0
package/config/env.ts CHANGED
@@ -87,17 +87,17 @@ export interface EnvConfig {
87
87
 
88
88
  // ========== CORS 配置 ==========
89
89
  /** 允许的来源 */
90
- ALLOWED_ORIGIN: string;
90
+ CORS_ALLOWED_ORIGIN: string;
91
91
  /** 允许的方法 */
92
- ALLOWED_METHODS: string;
92
+ CORS_ALLOWED_METHODS: string;
93
93
  /** 允许的头部 */
94
- ALLOWED_HEADERS: string;
94
+ CORS_ALLOWED_HEADERS: string;
95
95
  /** 暴露的头部 */
96
- EXPOSE_HEADERS: string;
96
+ CORS_EXPOSE_HEADERS: string;
97
97
  /** 预检请求缓存时间(秒) */
98
- MAX_AGE: number;
98
+ CORS_MAX_AGE: number;
99
99
  /** 是否允许凭证 */
100
- ALLOW_CREDENTIALS: string;
100
+ CORS_ALLOW_CREDENTIALS: string;
101
101
 
102
102
  // ========== 邮件配置 ==========
103
103
  /** 邮件服务器主机 */
@@ -183,12 +183,12 @@ export const Env: EnvConfig = {
183
183
  JWT_ALGORITHM: getEnv('JWT_ALGORITHM', 'HS256'),
184
184
 
185
185
  // ========== CORS 配置 ==========
186
- ALLOWED_ORIGIN: getEnv('ALLOWED_ORIGIN', '*'),
187
- ALLOWED_METHODS: getEnv('ALLOWED_METHODS', 'GET, POST, PUT, DELETE, OPTIONS'),
188
- ALLOWED_HEADERS: getEnv('ALLOWED_HEADERS', 'Content-Type, Authorization, authorization, token'),
189
- EXPOSE_HEADERS: getEnv('EXPOSE_HEADERS', 'Content-Range, X-Content-Range, Authorization, authorization, token'),
190
- MAX_AGE: getEnvNumber('MAX_AGE', 86400),
191
- ALLOW_CREDENTIALS: getEnv('ALLOW_CREDENTIALS', 'true'),
186
+ CORS_ALLOWED_ORIGIN: getEnv('CORS_ALLOWED_ORIGIN', '*'),
187
+ CORS_ALLOWED_METHODS: getEnv('CORS_ALLOWED_METHODS', 'GET, POST, PUT, DELETE, OPTIONS'),
188
+ CORS_ALLOWED_HEADERS: getEnv('CORS_ALLOWED_HEADERS', 'Content-Type, Authorization, authorization, token'),
189
+ CORS_EXPOSE_HEADERS: getEnv('CORS_EXPOSE_HEADERS', 'Content-Range, X-Content-Range, Authorization, authorization, token'),
190
+ CORS_MAX_AGE: getEnvNumber('CORS_MAX_AGE', 86400),
191
+ CORS_ALLOW_CREDENTIALS: getEnv('CORS_ALLOW_CREDENTIALS', 'true'),
192
192
 
193
193
  // ========== 邮件配置 ==========
194
194
  MAIL_HOST: getEnv('MAIL_HOST', ''),
package/lib/middleware.ts CHANGED
@@ -61,14 +61,14 @@ export const setCorsOptions = (req: Request): CorsResult => {
61
61
  const requestOrigin = req.headers.get('origin');
62
62
  let allowedOrigin = '*';
63
63
 
64
- // 如果配置了 ALLOWED_ORIGIN
65
- if (Env.ALLOWED_ORIGIN) {
64
+ // 如果配置了 CORS_ALLOWED_ORIGIN
65
+ if (Env.CORS_ALLOWED_ORIGIN) {
66
66
  // 如果配置为 *,使用请求的 origin(而不是返回 *)
67
- if (Env.ALLOWED_ORIGIN === '*') {
67
+ if (Env.CORS_ALLOWED_ORIGIN === '*') {
68
68
  allowedOrigin = requestOrigin || '*';
69
69
  } else {
70
70
  // 支持多个源,用逗号分隔
71
- const allowedOrigins = Env.ALLOWED_ORIGIN.split(',').map((origin) => origin.trim());
71
+ const allowedOrigins = Env.CORS_ALLOWED_ORIGIN.split(',').map((origin) => origin.trim());
72
72
 
73
73
  // 如果请求的 origin 在允许列表中,返回该 origin
74
74
  if (requestOrigin && allowedOrigins.includes(requestOrigin)) {
@@ -82,18 +82,18 @@ export const setCorsOptions = (req: Request): CorsResult => {
82
82
  }
83
83
  }
84
84
  } else if (requestOrigin) {
85
- // 没有配置 ALLOWED_ORIGIN,使用请求的 origin
85
+ // 没有配置 CORS_ALLOWED_ORIGIN,使用请求的 origin
86
86
  allowedOrigin = requestOrigin;
87
87
  }
88
88
 
89
89
  return {
90
90
  headers: {
91
91
  'Access-Control-Allow-Origin': allowedOrigin,
92
- 'Access-Control-Allow-Methods': Env.ALLOWED_METHODS || 'GET, POST, PUT, DELETE, OPTIONS',
93
- 'Access-Control-Allow-Headers': Env.ALLOWED_HEADERS || 'Content-Type, Authorization, authorization, token',
94
- 'Access-Control-Expose-Headers': Env.EXPOSE_HEADERS || 'Content-Range, X-Content-Range, Authorization, authorization, token',
95
- 'Access-Control-Max-Age': Env.MAX_AGE || 86400,
96
- 'Access-Control-Allow-Credentials': Env.ALLOW_CREDENTIALS || 'true'
92
+ 'Access-Control-Allow-Methods': Env.CORS_ALLOWED_METHODS || 'GET, POST, PUT, DELETE, OPTIONS',
93
+ 'Access-Control-Allow-Headers': Env.CORS_ALLOWED_HEADERS || 'Content-Type, Authorization, authorization, token',
94
+ 'Access-Control-Expose-Headers': Env.CORS_EXPOSE_HEADERS || 'Content-Range, X-Content-Range, Authorization, authorization, token',
95
+ 'Access-Control-Max-Age': Env.CORS_MAX_AGE || 86400,
96
+ 'Access-Control-Allow-Credentials': Env.CORS_ALLOW_CREDENTIALS || 'true'
97
97
  }
98
98
  };
99
99
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "befly",
3
- "version": "3.4.15",
3
+ "version": "3.4.16",
4
4
  "description": "Befly - 为 Bun 专属打造的 TypeScript API 接口框架核心引擎",
5
5
  "type": "module",
6
6
  "private": false,
@@ -81,5 +81,5 @@
81
81
  "ora": "^9.0.0",
82
82
  "pathe": "^2.0.3"
83
83
  },
84
- "gitHead": "f7fad19e6c07b776a4a3c1aa83d09497ababb719"
84
+ "gitHead": "e1533f0a123ef756790fad4fc34dd9690a30f72e"
85
85
  }
package/router/api.ts CHANGED
@@ -21,6 +21,7 @@ import type { BeflyContext } from '../types/befly.js';
21
21
  export function apiHandler(apiRoutes: Map<string, ApiRoute>, pluginLists: Plugin[], appContext: BeflyContext) {
22
22
  return async (req: Request): Promise<Response> => {
23
23
  const corsOptions = setCorsOptions(req);
24
+ console.log('🔥[ corsOptions ]-24', corsOptions);
24
25
  let ctx: RequestContext | null = null;
25
26
  let api: ApiRoute | undefined;
26
27
  let apiPath = '';