From 559bbab6cb2be5e35d25833433e0046230033f31 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9F=B3=E6=B8=85=E7=88=BD?=
Date: Tue, 29 Apr 2025 10:13:02 +0800
Subject: [PATCH] =?UTF-8?q?Cookie=20=E8=B7=A8=E5=9F=9F=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../application/superadmin/config/cookie.php | 32 ++++++++++++++
 .../controller/auth/AuthLoginController.php | 43 ++++++++++++++++++-
 Server/config/cookie.php | 2 +-
 3 files changed, 74 insertions(+), 3 deletions(-)
 create mode 100644 Server/application/superadmin/config/cookie.php
diff --git a/Server/application/superadmin/config/cookie.php b/Server/application/superadmin/config/cookie.php
new file mode 100644
index 00000000..ce3a2f51
--- /dev/null
+++ b/Server/application/superadmin/config/cookie.php
@@ -0,0 +1,32 @@
+
+// +----------------------------------------------------------------------
+
+// +----------------------------------------------------------------------
+// | Cookie设置
+// +----------------------------------------------------------------------
+return [
+ // cookie 名称前缀
+ 'prefix' => '',
+ // cookie 保存时间
+ 'expire' => 0,
+ // cookie 保存路径
+ 'path' => '/',
+ // cookie 有效域名
+ 'domain' => '',
+ // cookie 启用安全传输
+ 'secure' => false,
+ // httponly设置
+ 'httponly' => '',
+ // 是否使用 setcookie
+ 'setcookie' => true,
+ // 跨站需要
+ 'SameSite' => 'None',
+];
diff --git a/Server/application/superadmin/controller/auth/AuthLoginController.php b/Server/application/superadmin/controller/auth/AuthLoginController.php
index 71c5ac8f..2af1a59f 100644
--- a/Server/application/superadmin/controller/auth/AuthLoginController.php
+++ b/Server/application/superadmin/controller/auth/AuthLoginController.php
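Review bot: `'SameSite' => 'None'` is paired with `'secure' => false` in this new config, and browsers discard a SameSite=None cookie that lacks the Secure attribute, so any cookie emitted from these defaults will not be stored by a cross-site caller; set `'secure' => true` alongside it (the `AuthLoginController` hunk in this commit already does so per call). The key is also spelled `'SameSite'` here and in the `Server/config/cookie.php` rename, while `AuthLoginController::setCookie` passes `'samesite'`; the Cookie driver reads only one spelling, so the other is a dead key and all three places should agree, presumably on the lowercase form the per-call options use. `'httponly' => ''` is an empty string where the neighbouring flags are booleans; `'httponly' => false` (or `true` for session cookies) states the intent.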
@@ -94,8 +94,47 @@ class AuthLoginController extends Controller
 */
 protected function setCookie(AdministratorModel $admin): void
 {
- cookie('admin_id', $admin->id, 86400);
- cookie('admin_token', $this->createToken($admin), 86400);
+ // 获取当前环境
+ $env = app()->env->get('APP_ENV', 'production');
+
+ // 获取请求的域名
+ $origin = $this->request->header('origin');
+ $domain = '';
+
+ if ($origin) {
+ // 解析域名
+ $parsedUrl = parse_url($origin);
+ if (isset($parsedUrl['host'])) {
+ // 如果是测试环境,使用完整的域名
+ if ($env === 'testing') {
+ $domain = $parsedUrl['host'];
+ } else {
+ // 生产环境使用顶级域名
+ $parts = explode('.', $parsedUrl['host']);
+ if (count($parts) > 1) {
+ $domain = '.' . $parts[count($parts)-2] . '.' . $parts[count($parts)-1];
+ }
+ }
+ }
+ }
+
+ // 设置cookie选项
+ $options = [
+ 'expire' => 86400,
+ 'path' => '/',
+ 'httponly' => true,
+ 'samesite' => 'None', // 允许跨域
+ 'secure' => true // 仅 HTTPS 下有效
+ ];
+
+ // 如果有域名,添加到选项
+ if ($domain) {
+ $options['domain'] = $domain;
+ }
+
+ // 设置cookies
+ \think\facade\Cookie::set('admin_id', $admin->id, $options);
+ \think\facade\Cookie::set('admin_token', $this->createToken($admin), $options);
 }
 
 /**
diff --git a/Server/config/cookie.php b/Server/config/cookie.php
index de67bbdf..ce3a2f51 100644
--- a/Server/config/cookie.php
+++ b/Server/config/cookie.php
@@ -28,5 +28,5 @@ return [
 // 是否使用 setcookie
 'setcookie' => true,
 // 跨站需要
- 'samesite' => 'None',
+ 'SameSite' => 'None',
 ];
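Review bot: The cookie `domain` in `setCookie` is derived from the request's `Origin` header, which the client supplies rather than the server; a browser only stores a cookie whose Domain attribute covers the response host, so an Origin that does not match makes both `admin_id` and `admin_token` silently dropped, and when it does match, the last-two-labels rule scopes the admin session cookies to every subdomain of the site and yields bad values for IP hosts (`.1.10`) or multi-label suffixes (a constructed `example.co.uk` becomes `.co.uk`). The `cookie.domain` key already exists in the config file added by this commit, so the domain should come from there instead of from the request: replace the whole Origin-parsing block with `$domain = (string) config('cookie.domain');` and keep the `if ($domain)` guard so an empty value still produces a host-only cookie. If per-environment behaviour is still wanted, the `testing`/production split can be expressed as two config values rather than by parsing a request header.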