server {
   listen       80;
   listen  [::]:80;
   # ========== 重点修改1：把 localhost 改成你的前端域名 ==========
   server_name  bmsm27.kptyun.com;

   gzip on;
   gzip_static on;
   gzip_comp_level 6;
   gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

   location / {
        root /usr/share/nginx/html;
        try_files $uri $uri/ /index.html;
        client_max_body_size 300m;
        client_body_timeout 20s;
   }

   # ========== 核心新增：后端接口代理转发规则（解决跨域的关键，必加） ==========
   # 匹配你的后端所有接口，比如 /auth /api /xxx 等全部走这个代理
   location ^~ /auth {
        # 代理转发到你的后端真实接口地址
        proxy_pass http://bmsm278082.kptyun.com/auth;
        # 下面是代理必备的请求头，缺一不可，解决跨域+接口正常通信
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 60s;
        proxy_read_timeout 60s;
        # 解决预检OPTIONS请求跨域
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS, PUT, DELETE';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
        if ($request_method = 'OPTIONS') {
            return 204;
        }
   }

   # 【可选】如果你的后端还有其他接口，比如 /api/** ，就加这个规则，格式和上面一致
   # location ^~ /api {
   #      proxy_pass http://bmsm278082.kptyun.com/api;
   #      proxy_set_header Host $host;
   #      proxy_set_header X-Real-IP $remote_addr;
   # }

   error_page   500 502 503 504  /50x.html;
   location = /50x.html {
      root   /usr/share/nginx/html;
   }
}