取消默认ssl

2021-12-08 23:15:03 +08:00 · 2021-12-08 23:15:03 +08:00 · bfd3d2937d
commit bfd3d2937d
parent 58099284f2
8 changed files with 26 additions and 17 deletions
--- a/.env.docker
+++ b/.env.docker
@ -2,12 +2,12 @@ APP_NAME=Dootask
 APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
+APP_SCHEME=auto
 APP_URL=http://localhost

 APP_ID=
 APP_IPPR=
 APP_PORT=2222
-APP_PORT_SSL=2223

 LOG_CHANNEL=stack
 LOG_LEVEL=debug
--- a/.env.example
+++ b/.env.example
@ -2,10 +2,10 @@ APP_NAME=Laravel
 APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
+APP_SCHEME=auto
 APP_URL=http://localhost

 APP_PORT=2222
-APP_PORT_SSL=2223

 LOG_CHANNEL=stack
 LOG_LEVEL=debug
--- a/README.md
+++ b/README.md
@ -63,6 +63,15 @@ password: 123456
 ./cmd mysql "your command"            // To run a mysql command (backup: Backup database, recovery: Restore database)
 ```

+### NGINX OPEN HTTPS
+``` 
+// .env add
+APP_SCHEME=1
+
+// nginx add
+proxy_set_header X-Forwarded-Proto $scheme;
+```
+
 ## Upgrade

 **Note: Please back up your data before upgrading!**
--- a/README_CN.md
+++ b/README_CN.md
@ -63,6 +63,15 @@ password: 123456
 ./cmd mysql "your command"            // 运行 mysql 命令 (backup: 备份数据库，recovery: 还原数据库)
 ```

+### 代理开启 HTTPS
+``` 
+// .env 文件添加
+APP_SCHEME=1
+
+// nginx 代理配置添加
+proxy_set_header X-Forwarded-Proto $scheme;
+```
+
 ## 升级更新

 **注意：在升级之前请备份好你的数据！**
--- a/app/Http/Middleware/WebApi.php
+++ b/app/Http/Middleware/WebApi.php
@ -6,7 +6,6 @@ namespace App\Http\Middleware;

 use Closure;
 use Request;
-use URL;

 class WebApi
 {
@ -28,13 +27,9 @@ class WebApi
            header('Access-Control-Allow-Headers:Content-Type, platform, platform-channel, token, release, Access-Control-Allow-Origin');
        }

-        $APP_FORCE_URL_SCHEME = env('APP_FORCE_URL_SCHEME', 'auto');
-        if ($APP_FORCE_URL_SCHEME == 'https' || $APP_FORCE_URL_SCHEME === true) {
-            URL::forceScheme('https');
-        } elseif ($APP_FORCE_URL_SCHEME == 'http' || $APP_FORCE_URL_SCHEME === false) {
-            URL::forceScheme('http');
-        } elseif (Request::header('x-forwarded-server-port', 80) == 443) {
-            URL::forceScheme('https');
+        $APP_SCHEME = env('APP_SCHEME', 'auto');
+        if (in_array(strtolower($APP_SCHEME), ['https', 'on', 'ssl', '1', 'true', 'yes'], true)) {
+            $request->setTrustedProxies([$request->getClientIp()], $request::HEADER_X_FORWARDED_PROTO);
        }

        return $next($request);
--- a/bin/run
+++ b/bin/run
@ -73,7 +73,7 @@ class runLoader
    }
 }

-$array = getopt('', ['port:', 'ssl:', 'mode:']);
+$array = getopt('', ['port:', 'mode:']);
 $loader = new runLoader();

 if (isset($array['mode'])) {
@ -84,9 +84,6 @@ $data = [];
 if (isset($array['port'])) {
    $data['APP_PORT'] = $array['port'];
 }
-if (isset($array['ssl'])) {
-    $data['APP_PORT_SSL'] = $array['ssl'];
-}
 if ($data) {
    $loader->modifyEnv($data);
 }
--- a/4
+++ b/4
@ -211,9 +211,9 @@ if [ $# -gt 0 ];then
    elif [[ "$1" == "https" ]]; then
        shift 1
        if [[ "$@" == "auto" ]];then
-            env_set APP_FORCE_URL_SCHEME "auto"
+            env_set APP_SCHEME "auto"
        else
-            env_set APP_FORCE_URL_SCHEME "true"
+            env_set APP_SCHEME "true"
        fi
        supervisorctl_restart php
    elif [[ "$1" == "artisan" ]]; then
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -34,7 +34,6 @@ services:
    image: "nginx:alpine"
    ports:
      - "${APP_PORT}:80"
-      - "${APP_PORT_SSL}:443"
    volumes:
      - ./docker/nginx:/etc/nginx/conf.d
      - ./public:/var/www/public