tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 开启CORS资源共享,解决浏览器跨域访问限制

Browse Source
This commit is contained in:
horizons
2022-10-24 23:28:16 +08:00
parent de9157143a
commit 1ef29a0352
4 changed files with 50 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
src/main/java/com/youlai/system/config/CorsConfig.java Normal file
View File

@@ -0,0 +1,37 @@
package com.youlai.system.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import java.util.Collections;
/**
* 开启CORS资源共享
*
* @author haoxr
* @date 2022/10/24
*/
@Configuration
public class CorsConfig {
@Bean
public CorsFilter corsFilter() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
//1.允许任何来源
corsConfiguration.setAllowedOriginPatterns(Collections.singletonList("*"));
//2.允许任何请求头
corsConfiguration.addAllowedHeader(CorsConfiguration.ALL);
//3.允许任何方法
corsConfiguration.addAllowedMethod(CorsConfiguration.ALL);
//4.允许凭证
corsConfiguration.setAllowCredentials(true);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", corsConfiguration);
return new CorsFilter(source);
}
}

5
src/main/java/com/youlai/system/security/SecurityConfig.java → src/main/java/com/youlai/system/config/SecurityConfig.java
View File

@@ -1,6 +1,6 @@
package com.youlai.system.security; package com.youlai.system.config;
import com.youlai.system.security.jwt.JwtAuthenticationFilter; import com.youlai.system.filter.JwtAuthenticationFilter;
import com.youlai.system.security.jwt.JwtTokenManager; import com.youlai.system.security.jwt.JwtTokenManager;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
@@ -11,7 +11,6 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;

13
src/main/java/com/youlai/system/security/jwt/JwtAuthenticationFilter.java → src/main/java/com/youlai/system/filter/JwtAuthenticationFilter.java
View File

@@ -1,15 +1,19 @@
package com.youlai.system.security.jwt; package com.youlai.system.filter;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import com.youlai.system.common.result.ResultCode; import com.youlai.system.common.result.ResultCode;
import com.youlai.system.security.jwt.JwtTokenManager;
import com.youlai.system.util.ResponseUtils; import com.youlai.system.util.ResponseUtils;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter; import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/** /**
* jwt auth token filter. * jwt auth token filter.
@@ -27,8 +31,11 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
} }
@Override @Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) { protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
if(HttpMethod.OPTIONS.matches(request.getMethod()) ){
chain.doFilter(request, response);
return;
}
String jwt = resolveToken(request); String jwt = resolveToken(request);
if (StrUtil.isNotBlank(jwt) && SecurityContextHolder.getContext().getAuthentication() == null) { if (StrUtil.isNotBlank(jwt) && SecurityContextHolder.getContext().getAuthentication() == null) {
try { try {

2
src/main/resources/mapper/SysUserMapper.xml
View File

@@ -21,7 +21,7 @@
sys_user u sys_user u
LEFT JOIN sys_dept d ON u.dept_id = d.id LEFT JOIN sys_dept d ON u.dept_id = d.id
LEFT JOIN sys_user_role sur ON u.id = sur.user_id LEFT JOIN sys_user_role sur ON u.id = sur.user_id
LEFT JOIN sys_role r ON ur.role_id = r.id LEFT JOIN sys_role r ON sur.role_id = r.id
<where> <where>
u.deleted = 0 u.deleted = 0
<if test='queryParams.keywords!=null and queryParams.keywords.trim() neq ""'> <if test='queryParams.keywords!=null and queryParams.keywords.trim() neq ""'>