跨域手动配置

2024-05-05 22:39:48 +08:00 · 2024-05-05 22:39:48 +08:00 · fea726f2ed
parent d209c360db
commit fea726f2ed
3 changed files with 37 additions and 0 deletions
--- a/src/main/java/com/example/filter/CorsFilter.java
+++ b/src/main/java/com/example/filter/CorsFilter.java
@ -0,0 +1,32 @@
+package com.example.filter;
+
+import com.example.utils.Const;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpFilter;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+
+@Component
+@Order(Const.ORDER_CORS)
+public class CorsFilter  extends HttpFilter {
+    @Override
+    protected void doFilter(HttpServletRequest request,
+                            HttpServletResponse response,
+                            FilterChain chain) throws IOException, ServletException {
+        this.addCorsHeader(request , response);
+        chain.doFilter(request, response);
+    }
+
+    private void addCorsHeader(HttpServletRequest request,
+                               HttpServletResponse response){
+        response.addHeader("Access-Control-Allow-Origin" , request.getHeader("Origin"));
+        response.addHeader("Access-Control-Allow-Methods", "GET , POST , PUT, DELETE , OPTIONS");
+        response.addHeader("Access-Control-Allow-Headers", "Authorization , Content-Type ");
+    }
+}
--- a/src/main/java/com/example/utils/Const.java
+++ b/src/main/java/com/example/utils/Const.java
@ -2,4 +2,7 @@ package com.example.utils;

 public class Const {
    public static  final String JWT_BLACK_LIST = "jwt:blacklist:";
+
+    public static final int ORDER_CORS = -102;
+
 }
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@ -1,6 +1,8 @@

 spring:
  security:
+    filter:
+      order: -100 #默认值为-100
    jwt:
      key: abcdefgh
      expire: 7