From 9f739449255b46d49ebee3db149d7d304fce903d Mon Sep 17 00:00:00 2001
From: jshixiong <2645476194@qq.com>
Date: Tue, 13 May 2025 10:18:18 +0800
Subject: [PATCH] =?UTF-8?q?fix:=E8=B7=A8=E5=9F=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/__init__.py | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/app/__init__.py b/app/__init__.py
index c08885c..0f3a85d 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -9,7 +9,7 @@ from .route.route import route_bp
 
 def create_app():
     app = Flask(__name__)
-    CORS(app)
+    CORS(app, supports_credentials=True)
     # CORS(app, resources={r"/*": {"origins": "*", "methods": "GET,POST,PUT,DELETE,OPTIONS"}})  # 允许所有源访问所有端点
     # CORS(app, resources={r"/*": {"origins": ["http://111.8.143.97", "http://113.246.243.98"]}}, supports_credentials=True)
 
@@ -30,7 +30,21 @@ def create_app():
     log_file_path = '/data/ww/py_sys_monitor/info/access_log'
 
     def log_request_response(response):
-        logging.info(f"响应头：{response.headers}")
+        # 获取请求的Origin头部
+        origin = request.headers.get('Origin')
+
+        # 设置Access-Control-Allow-Origin为请求的Origin
+        if origin:
+            response.headers.add('Access-Control-Allow-Origin', origin)
+
+        # 确保Access-Control-Allow-Credentials被设置为true
+        response.headers.add('Access-Control-Allow-Credentials', 'true')
+
+        # 添加其他需要的CORS头部
+        response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
+        response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
+
+
         response_data = response.get_json(silent=True)
 
         if "route.get_resource" == request.endpoint: