跨域优化，新增允许任何源访问Api策略，暴露验证接口。

Admin.Core.Common/Consts/AdminConsts.cs

@@ -2,6 +2,14 @@
 {
     public static partial class AdminConsts
     {
+        /// <summary>
+        /// 默认租户
+        /// </summary>
         public const string TenantName = "Default";
+
+        /// <summary>
+        /// 允许所有源访问策略
+        /// </summary>
+        public const string AllowAnyPolicyName = "AllowAnyPolicy";
     }
 }

Admin.Core/Admin.Core.Common.xml

@@ -795,6 +795,16 @@
             文件格式
             </summary>
         </member>
+        <member name="F:Admin.Core.Common.Consts.AdminConsts.TenantName">
+            <summary>
+            默认租户
+            </summary>
+        </member>
+        <member name="F:Admin.Core.Common.Consts.AdminConsts.AllowAnyPolicyName">
+            <summary>
+            允许所有源访问策略
+            </summary>
+        </member>
         <member name="T:Admin.Core.Common.Dbs.MySqlDb">
             <summary>
             多数据库命名

Admin.Core/Controllers/Admin/AuthController.cs

@@ -1,5 +1,6 @@
 using Admin.Core.Attributes;
 using Admin.Core.Common.Auth;
+using Admin.Core.Common.Consts;
 using Admin.Core.Common.Extensions;
 using Admin.Core.Common.Helpers;
 using Admin.Core.Common.Output;
@@ -11,6 +12,7 @@ using Admin.Core.Service.Admin.LoginLog.Input;
 using Admin.Core.Service.Admin.User;
 using Admin.Tools.Captcha;
 using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.ModelBinding;
 using System;
@@ -99,6 +101,7 @@ namespace Admin.Core.Controllers.Admin
         [HttpGet]
         [AllowAnonymous]
         [NoOprationLog]
+        [EnableCors(AdminConsts.AllowAnyPolicyName)]
         public async Task<IResponseOutput> GetCaptcha()
         {
             var data = await _captcha.GetAsync();
@@ -112,6 +115,7 @@ namespace Admin.Core.Controllers.Admin
         [HttpGet]
         [AllowAnonymous]
         [NoOprationLog]
+        [EnableCors(AdminConsts.AllowAnyPolicyName)]
         public async Task<IResponseOutput> CheckCaptcha([FromQuery] CaptchaInput input)
         {
             var result = await _captcha.CheckAsync(input);

Admin.Core/Startup.cs

@@ -4,6 +4,7 @@ using Admin.Core.Common.Attributes;
 using Admin.Core.Common.Auth;
 using Admin.Core.Common.Cache;
 using Admin.Core.Common.Configs;
+using Admin.Core.Common.Consts;
 
 //using FluentValidation;
 //using FluentValidation.AspNetCore;
@@ -49,7 +50,7 @@ namespace Admin.Core
         private readonly IHostEnvironment _env;
         private readonly ConfigHelper _configHelper;
         private readonly AppConfig _appConfig;
-        private const string DefaultCorsPolicyName = "Allow";
+        private const string DefaultCorsPolicyName = "AllowPolicy";
 
         public Startup(IConfiguration configuration, IWebHostEnvironment env)
         {
@@ -131,6 +132,15 @@ namespace Admin.Core
                     }
                 });
 
+                //允许任何源访问Api策略，使用时在控制器或者接口上增加特性[EnableCors(AdminConsts.AllowAnyPolicyName)]
+                options.AddPolicy(AdminConsts.AllowAnyPolicyName, policy =>
+                {
+                    policy
+                    .AllowAnyOrigin()
+                    .AllowAnyHeader()
+                    .AllowAnyMethod();
+                });
+
                 /*
                 //浏览器会发起2次请求,使用OPTIONS发起预检请求，第二次才是api异步请求
                 options.AddPolicy("All", policy =>
@@ -446,9 +456,6 @@ namespace Admin.Core
                 app.UseIpRateLimiting();
             }
 
-            //跨域
-            app.UseCors(DefaultCorsPolicyName);
-
             //异常
             app.UseExceptionHandler("/Error");
 
@@ -458,6 +465,9 @@ namespace Admin.Core
             //路由
             app.UseRouting();
 
+            //跨域
+            app.UseCors(DefaultCorsPolicyName);
+
             //认证
             app.UseAuthentication();
 

Admin.Tools/Captcha/SlideJigsawCaptcha.cs

@@ -6,6 +6,7 @@ using System.Drawing;
 using System.Drawing.Drawing2D;
 using System.Drawing.Imaging;
 using System.IO;
+using System.Net.Http;
 using System.Threading.Tasks;
 
 namespace Admin.Tools.Captcha
@@ -265,15 +266,12 @@ namespace Admin.Tools.Captcha
             //var client = new HttpClient();
             //var stream = await client.GetStreamAsync("https://picsum.photos/310/155");
             //client.Dispose();
-
-            //更改图片尺寸
-            //Bitmap oriImage = new Bitmap(stream);
-            //Bitmap baseImage = ResizeImage(oriImage, 310, 155);
-            //oriImage.Dispose();
-
             //Bitmap baseImage = new Bitmap(stream);
+            //stream.Dispose();
 
             var oriImage = Image.FromFile(Directory.GetCurrentDirectory() + $@"\wwwroot\captcha\jigsaw\{new Random().Next(1, 4)}.jpg");
+            //更改图片尺寸
+            //Bitmap baseImage = ResizeImage(oriImage, 310, 155);
             Bitmap baseImage = new Bitmap(oriImage);
             oriImage.Dispose();