add cors

internal/shared/middleware/cors.go

@@ -1,6 +1,7 @@
 package middleware
 
 import (
+	"strings"
 	"tyapi-server/internal/config"
 
 	"github.com/gin-contrib/cors"
@@ -67,8 +68,13 @@ func (m *CORSMiddleware) getAllowedOrigins() []string {
 		return []string{"http://localhost:3000", "http://localhost:8080"}
 	}
 
-	// TODO: 解析配置中的origins字符串
-	return []string{m.config.Development.CorsOrigins}
+	// 解析配置中的origins字符串，按逗号分隔
+	origins := strings.Split(m.config.Development.CorsOrigins, ",")
+	// 去除空格
+	for i, origin := range origins {
+		origins[i] = strings.TrimSpace(origin)
+	}
+	return origins
 }
 
 // getAllowedMethods 获取允许的方法
@@ -79,8 +85,13 @@ func (m *CORSMiddleware) getAllowedMethods() []string {
 		}
 	}
 
-	// TODO: 解析配置中的methods字符串
-	return []string{m.config.Development.CorsMethods}
+	// 解析配置中的methods字符串，按逗号分隔
+	methods := strings.Split(m.config.Development.CorsMethods, ",")
+	// 去除空格
+	for i, method := range methods {
+		methods[i] = strings.TrimSpace(method)
+	}
+	return methods
 }
 
 // getAllowedHeaders 获取允许的头部
@@ -88,17 +99,23 @@ func (m *CORSMiddleware) getAllowedHeaders() []string {
 	if m.config.Development.CorsHeaders == "" {
 		return []string{
 			"Origin",
-			"Content-Length",
 			"Content-Type",
-			"Authorization",
-			"X-Requested-With",
+			"Content-Length",
 			"Accept",
 			"Accept-Encoding",
 			"Accept-Language",
+			"Authorization",
+			"X-Requested-With",
 			"X-Request-ID",
+			"Access-Id",
 		}
 	}
 
-	// TODO: 解析配置中的headers字符串
-	return []string{m.config.Development.CorsHeaders}
+	// 解析配置中的headers字符串，按逗号分隔
+	headers := strings.Split(m.config.Development.CorsHeaders, ",")
+	// 去除空格
+	for i, header := range headers {
+		headers[i] = strings.TrimSpace(header)
+	}
+	return headers
 }