From 2f6a9679da7700e48219d70b898d1774689e0562 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=A6=BE=E5=87=A0=E6=B5=B7?= <zh56462271@qq.com>
Date: Mon, 18 May 2020 08:30:50 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E8=B7=A8=E5=9F=9F=E6=83=85?=
 =?UTF-8?q?=E5=86=B5=E4=B8=8B=E5=89=8D=E5=8F=B0=E8=8E=B7=E5=8F=96=E4=B8=8D?=
 =?UTF-8?q?=E5=88=B0Authorization=E5=93=8D=E5=BA=94=E5=AD=97=E6=AE=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/cn/celess/blog/configuration/CorsConfig.java | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/main/java/cn/celess/blog/configuration/CorsConfig.java b/src/main/java/cn/celess/blog/configuration/CorsConfig.java
index 2638306..f2b1634 100644
--- a/src/main/java/cn/celess/blog/configuration/CorsConfig.java
+++ b/src/main/java/cn/celess/blog/configuration/CorsConfig.java
@@ -1,5 +1,6 @@
 package cn.celess.blog.configuration;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.cors.CorsConfiguration;
@@ -13,6 +14,9 @@ import org.springframework.web.filter.CorsFilter;
  */
 @Configuration
 public class CorsConfig {
+    @Value("${spring.profiles.active}")
+    private String activeModel;
+
     @Bean
     public CorsFilter corsFilter() {
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
@@ -22,14 +26,17 @@ public class CorsConfig {
         config.addAllowedOrigin("https://celess.cn");
         config.addAllowedOrigin("https://www.celess.cn");
         // 本地调试时的跨域
-        config.addAllowedOrigin("http://localhost:4200");
-        config.addAllowedOrigin("http://127.0.0.1:4200");
+        if ("dev".equals(activeModel)) {
+            config.addAllowedOrigin("http://localhost:4200");
+            config.addAllowedOrigin("http://127.0.0.1:4200");
+        }
         config.addAllowedHeader("*");
         config.addAllowedMethod("OPTIONS");
         config.addAllowedMethod("GET");
         config.addAllowedMethod("POST");
         config.addAllowedMethod("PUT");
         config.addAllowedMethod("DELETE");
+        config.addExposedHeader("Authorization");
         config.setAllowCredentials(true);
         config.setMaxAge(10800L);
         source.registerCorsConfiguration("/**", config);