取消默认ssl

chinaguojian · Dec 8, 2021 · bfd3d29 · bfd3d29
1 parent 5809928
commit bfd3d29
Show file tree

Hide file tree

Showing 8 changed files with 26 additions and 17 deletions.
diff --git a/.env.docker b/.env.docker
@@ -2,12 +2,12 @@ APP_NAME=Dootask
 APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
+APP_SCHEME=auto
 APP_URL=http://localhost
 
 APP_ID=
 APP_IPPR=
 APP_PORT=2222
-APP_PORT_SSL=2223
 
 LOG_CHANNEL=stack
 LOG_LEVEL=debug

diff --git a/.env.example b/.env.example
@@ -2,10 +2,10 @@ APP_NAME=Laravel
 APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
+APP_SCHEME=auto
 APP_URL=http://localhost
 
 APP_PORT=2222
-APP_PORT_SSL=2223
 
 LOG_CHANNEL=stack
 LOG_LEVEL=debug

diff --git a/README.md b/README.md
@@ -63,6 +63,15 @@ password: 123456
 ./cmd mysql "your command"            // To run a mysql command (backup: Backup database, recovery: Restore database)
 ```
 
+### NGINX OPEN HTTPS
+``` 
+// .env add
+APP_SCHEME=1
+
+// nginx add
+proxy_set_header X-Forwarded-Proto $scheme;
+```
+
 ## Upgrade
 
 **Note: Please back up your data before upgrading!**

diff --git a/README_CN.md b/README_CN.md
@@ -63,6 +63,15 @@ password: 123456
 ./cmd mysql "your command"            // 运行 mysql 命令 (backup: 备份数据库，recovery: 还原数据库)
 ```
 
+### 代理开启 HTTPS
+``` 
+// .env 文件添加
+APP_SCHEME=1
+
+// nginx 代理配置添加
+proxy_set_header X-Forwarded-Proto $scheme;
+```
+
 ## 升级更新
 
 **注意：在升级之前请备份好你的数据！**

diff --git a/app/Http/Middleware/WebApi.php b/app/Http/Middleware/WebApi.php
@@ -6,7 +6,6 @@
 
 use Closure;
 use Request;
-use URL;
 
 class WebApi
 {
@@ -28,13 +27,9 @@ public function handle($request, Closure $next)
             header('Access-Control-Allow-Headers:Content-Type, platform, platform-channel, token, release, Access-Control-Allow-Origin');
         }
 
-        $APP_FORCE_URL_SCHEME = env('APP_FORCE_URL_SCHEME', 'auto');
-        if ($APP_FORCE_URL_SCHEME == 'https' || $APP_FORCE_URL_SCHEME === true) {
-            URL::forceScheme('https');
-        } elseif ($APP_FORCE_URL_SCHEME == 'http' || $APP_FORCE_URL_SCHEME === false) {
-            URL::forceScheme('http');
-        } elseif (Request::header('x-forwarded-server-port', 80) == 443) {
-            URL::forceScheme('https');
+        $APP_SCHEME = env('APP_SCHEME', 'auto');
+        if (in_array(strtolower($APP_SCHEME), ['https', 'on', 'ssl', '1', 'true', 'yes'], true)) {
+            $request->setTrustedProxies([$request->getClientIp()], $request::HEADER_X_FORWARDED_PROTO);
         }
 
         return $next($request);

diff --git a/bin/run b/bin/run
@@ -73,7 +73,7 @@ class runLoader
     }
 }
 
-$array = getopt('', ['port:', 'ssl:', 'mode:']);
+$array = getopt('', ['port:', 'mode:']);
 $loader = new runLoader();
 
 if (isset($array['mode'])) {
@@ -84,9 +84,6 @@ $data = [];
 if (isset($array['port'])) {
     $data['APP_PORT'] = $array['port'];
 }
-if (isset($array['ssl'])) {
-    $data['APP_PORT_SSL'] = $array['ssl'];
-}
 if ($data) {
     $loader->modifyEnv($data);
 }
diff --git a/cmd b/cmd
@@ -211,9 +211,9 @@ if [ $# -gt 0 ];then
     elif [[ "$1" == "https" ]]; then
         shift 1
         if [[ "$@" == "auto" ]];then
-            env_set APP_FORCE_URL_SCHEME "auto"
+            env_set APP_SCHEME "auto"
         else
-            env_set APP_FORCE_URL_SCHEME "true"
+            env_set APP_SCHEME "true"
         fi
         supervisorctl_restart php
     elif [[ "$1" == "artisan" ]]; then

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -34,7 +34,6 @@ services:
     image: "nginx:alpine"
     ports:
       - "${APP_PORT}:80"
-      - "${APP_PORT_SSL}:443"
     volumes:
       - ./docker/nginx:/etc/nginx/conf.d
       - ./public:/var/www/public