更新提现功能，新增私钥文件 URL 配置选项以支持从远程拉取私钥，优化相关错误处理逻辑，确保在转账前正确加载私钥。同时，更新文档以反映新的环境变量配置，提升系统的灵活性和用户体验。

2026-02-09 11:12:16 +08:00
parent de10a203b3
commit 6d7e06449f
53 changed files with 12485 additions and 5 deletions
--- a/middleware.ts
+++ b/middleware.ts
@@ -0,0 +1,46 @@
+import { NextResponse } from 'next/server'
+import type { NextRequest } from 'next/server'
+
+/** 允许的跨域来源（管理端独立项目、本地开发） */
+const ALLOWED_ORIGINS = [
+  'http://localhost:5174',   // soul-admin 开发
+  'http://127.0.0.1:5174',
+  'https://soul.quwanzhi.com', // 若管理端与 API 同域则不需要，预留
+]
+
+function getCorsHeaders(origin: string | null) {
+  const allowOrigin = origin && ALLOWED_ORIGINS.includes(origin) ? origin : ALLOWED_ORIGINS[0]
+  return {
+    'Access-Control-Allow-Origin': allowOrigin,
+    'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
+    'Access-Control-Allow-Headers': 'Content-Type, Authorization',
+    'Access-Control-Allow-Credentials': 'true',
+    'Access-Control-Max-Age': '86400',
+  }
+}
+
+export function middleware(req: NextRequest) {
+  const origin = req.headers.get('origin') || ''
+  const isApi = req.nextUrl.pathname.startsWith('/api/')
+
+  if (!isApi) {
+    return NextResponse.next()
+  }
+
+  const corsHeaders = getCorsHeaders(origin || 'http://localhost:5174')
+
+  // 预检请求：直接返回 200 + CORS 头
+  if (req.method === 'OPTIONS') {
+    return new NextResponse(null, { status: 204, headers: corsHeaders })
+  }
+
+  const res = NextResponse.next()
+  Object.entries(corsHeaders).forEach(([key, value]) => {
+    res.headers.set(key, value)
+  })
+  return res
+}
+
+export const config = {
+  matcher: '/api/:path*',
+}