as is

2026-03-30 11:07:30 +08:00
parent 2c44b3a4b2
commit d4a8e71733
74 changed files with 1751 additions and 421 deletions
--- a/StopShopping.Api/Program.cs
+++ b/StopShopping.Api/Program.cs
@@ -1,10 +1,12 @@
 using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.HostFiltering;
+using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Options;
 using Scalar.AspNetCore;
 using Serilog;
 using StopShopping.Api.Extensions;
 using StopShopping.Api.Routes;
-using StopShopping.Api.Workers;

 const string CORS_POLICY = "default";
 // 将启动日志写入控制台，用于捕获启动时异常，启动后WriteTo被后续配置替代
@@ -41,13 +43,11 @@ try
    },
        appConfiguration,
        builder.Configuration.GetSection("OpenPlatformOptions"));
-    builder.Services.AddHostedService<DbSeederBackgroundService>();
    /**********************************************************************/
    var app = builder.Build();

    if (app.Environment.IsDevelopment())
    {
-        app.UseDevelopmentCookie();
        app.MapOpenApi();
        app.MapScalarApiReference(options =>
        {
@@ -55,18 +55,30 @@ try
        });
    }

+    if (!app.Environment.IsDevelopment())
+    {
+        app.UseHostFiltering();
+
+        var forwardedHeadersOptions = new ForwardedHeadersOptions
+        {
+            ForwardedHeaders = ForwardedHeaders.All,
+        };
+        var hostFilteringOptions = app.Services.GetRequiredService<IOptions<HostFilteringOptions>>();
+        if (null != hostFilteringOptions)
+            forwardedHeadersOptions.AllowedHosts = hostFilteringOptions.Value.AllowedHosts;
+        app.UseForwardedHeaders(forwardedHeadersOptions);
+    }
+
    app.UseGlobalExceptionHandler();

-    app.UseRouting();
-
    app.UseCors(CORS_POLICY);

+    app.UseRouting();
+
    app.UseAuthentication();

    app.UseAuthorization();

-    app.MapStaticAssets().ShortCircuit();
-
    Root.MapRoutes(app);

    app.UseAntiforgery();