部署保险端项目和大屏

2025-09-30 17:41:21 +08:00
parent 4e8d4dc92d
commit e9be0f9d98
767 changed files with 50062 additions and 24144 deletions
--- a/insurance_backend/src/app.js
+++ b/insurance_backend/src/app.js
@@ -19,11 +19,42 @@ const PORT = process.env.PORT || 3000;
 // 安全中间件
 app.use(helmet());
 app.use(cors({
-  origin: [
-    process.env.FRONTEND_URL || 'http://localhost:3001',
-    'http://localhost:3002'
+  origin: function (origin, callback) {
+    // 允许的域名列表
+    const allowedOrigins = [
+      process.env.FRONTEND_URL || 'http://localhost:3001',
+      'http://127.0.0.1:3001',
+      'http://localhost:3002',
+      'http://127.0.0.1:3002',
+      'https://ad.ningmuyun.com',
+      'https://www.ningmuyun.com',
+      'https://ningmuyun.com'
+    ];
+    
+    // 允许没有origin的请求（如移动应用、Postman等）
+    if (!origin) return callback(null, true);
+    
+    if (allowedOrigins.indexOf(origin) !== -1) {
+      callback(null, true);
+    } else {
+      console.log('CORS blocked origin:', origin);
+      callback(new Error('Not allowed by CORS'));
+    }
+  },
+  credentials: true,
+  methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS', 'PATCH'],
+  allowedHeaders: [
+    'Content-Type', 
+    'Authorization', 
+    'X-Requested-With',
+    'Accept',
+    'Cache-Control',
+    'Pragma',
+    'Origin',
+    'Access-Control-Request-Method',
+    'Access-Control-Request-Headers'
  ],
-  credentials: true
+  optionsSuccessStatus: 200
 }));

 // 速率限制 - 开发环境下放宽限制