!5 修复特殊Header不识别

Merge pull request !5 from kingj/master
2025-04-06 03:58:00 +08:00 · 2018-02-28 17:14:44 +08:00 · 2018-02-28 17:14:44 +08:00 · be1162986e
commit be1162986e
parent deb3b7b7e5 6c98b99077
3 changed files with 5 additions and 5 deletions
--- a/application/admin/behavior/ApiAuth.php
+++ b/application/admin/behavior/ApiAuth.php
@ -23,16 +23,16 @@ class ApiAuth {
    public function run() {
        $request = Request::instance();
        $header = config('apiAdmin.CROSS_DOMAIN');
-        $userToken = $request->header('Authorization', '');
+        $userToken = $request->header('ApiAuth', '');
        if ($userToken) {
            $userInfo = cache($userToken);
            $userInfo = json_decode($userInfo, true);
            if (!$userInfo || !isset($userInfo['id'])) {
-                $data = ['code' => ReturnCode::AUTH_ERROR, 'msg' => 'Authorization不匹配', 'data' => []];
+                $data = ['code' => ReturnCode::AUTH_ERROR, 'msg' => 'ApiAuth不匹配', 'data' => []];
                return json($data, 200, $header);
            }
        } else {
-            $data = ['code' => ReturnCode::AUTH_ERROR, 'msg' => '缺少Authorization', 'data' => []];
+            $data = ['code' => ReturnCode::AUTH_ERROR, 'msg' => '缺少ApiAuth', 'data' => []];
            return json($data, 200, $header);
        }
    }
--- a/application/admin/behavior/ApiPermission.php
+++ b/application/admin/behavior/ApiPermission.php
@ -29,7 +29,7 @@ class ApiPermission {
        $request = Request::instance();
        $route = $request->routeInfo();
        $header = config('apiAdmin.CROSS_DOMAIN');
-        $userToken = $request->header('Authorization', '');
+        $userToken = $request->header('ApiAuth', '');
        $userInfo = cache($userToken);
        $userInfo = json_decode($userInfo, true);
        if (!$this->checkAuth($userInfo['id'], $route['route'])) {
--- a/application/extra/apiAdmin.php
+++ b/application/extra/apiAdmin.php
@ -29,7 +29,7 @@ return [
    'CROSS_DOMAIN' => [
        'Access-Control-Allow-Origin'      => '*',
        'Access-Control-Allow-Methods'     => 'POST,PUT,GET,DELETE',
-        'Access-Control-Allow-Headers'     => 'Authorization, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With',
+        'Access-Control-Allow-Headers'     => 'ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With',
        'Access-Control-Allow-Credentials' => 'true'
    ],