fixed: 需要登录的api的跨域问题

2025-06-08 02:04:04 +08:00 · 2023-03-02 17:51:08 +08:00 · 2023-03-02 17:51:08 +08:00 · 64d10d961c
commit 64d10d961c
parent 751516807f
5 changed files with 12 additions and 22 deletions
--- a/src/main/java/xyz/playedu/api/PlayeduApiApplication.java
+++ b/src/main/java/xyz/playedu/api/PlayeduApiApplication.java
@ -2,10 +2,11 @@ package xyz.playedu.api;

 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.servlet.ServletComponentScan;
 import org.springframework.scheduling.annotation.EnableAsync;

-@EnableAsync
@SpringBootApplication
+@EnableAsync
 public class PlayeduApiApplication {

    public static void main(String[] args) {
--- a/src/main/java/xyz/playedu/api/config/WebMvcConfig.java
+++ b/src/main/java/xyz/playedu/api/config/WebMvcConfig.java
@ -2,11 +2,9 @@ package xyz.playedu.api.config;

 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import xyz.playedu.api.middleware.AdminAuthMiddleware;

@ -17,21 +15,18 @@ public class WebMvcConfig implements WebMvcConfigurer {
    @Resource
    private AdminAuthMiddleware adminAuthMiddleware;

-    @Value("${playedu.cors.origins}")
-    private String ConfigOrigins;
-
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(adminAuthMiddleware).addPathPatterns("/backend/**");
    }

-    @Override
-    public void addResourceHandlers(ResourceHandlerRegistry registry) {
-        WebMvcConfigurer.super.addResourceHandlers(registry);
-    }
-
    @Override
    public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**").allowedOrigins(ConfigOrigins).allowedHeaders("*").allowedMethods("GET", "POST", "DELETE", "PUT").maxAge(3600);
+        registry.addMapping("/**")
+                .allowCredentials(false)
+                .allowedOrigins("*")
+                .allowedHeaders("*")
+                .allowedMethods("GET", "PUT", "POST", "DELETE")
+                .exposedHeaders("*");
    }
 }
--- a/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java
+++ b/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java
@ -1,6 +1,5 @@
 package xyz.playedu.api.middleware;

-import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@ -36,7 +35,7 @@ public class AdminAuthMiddleware implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        if (BackendBus.inUnAuthWhitelist(request.getRequestURI())) {
+        if ("OPTIONS".equals(request.getMethod()) || BackendBus.inUnAuthWhitelist(request.getRequestURI())) {
            return HandlerInterceptor.super.preHandle(request, response, handler);
        }

@ -64,13 +63,11 @@ public class AdminAuthMiddleware implements HandlerInterceptor {
            if (appBus.isDev()) {
                log.debug("jwt解析失败:" + e.getMessage());
            }
-            responseTransform(response, 401, "请重新登录");
-            return false;
+            return responseTransform(response, 401, "请重新登录");
        }
    }

    private boolean responseTransform(HttpServletResponse response, int code, String msg) throws IOException {
-        ObjectMapper mapper = new ObjectMapper();
        response.setStatus(code);
        response.setContentType("application/json;charset=utf-8");
        response.getWriter().print(HelperUtil.toJsonStr(JsonResponse.error(msg)));
--- a/src/main/java/xyz/playedu/api/util/IpUtil.java
+++ b/src/main/java/xyz/playedu/api/util/IpUtil.java
@ -72,14 +72,14 @@ public class IpUtil {
        try {
            String rspStr = HttpUtil.sendGet(IP_URL, "ip=" + ip + "&json=true", "GBK");
            if (StringUtil.isEmpty(rspStr)) {
-                log.error("获取地理位置异常 {}", ip);
+                log.error("获取地理位置异常1 {}", ip);
                return UNKNOWN;
            }
            ObjectMapper objectMapper = new ObjectMapper();
            Response obj = objectMapper.readValue(rspStr, Response.class);
            return String.format("%s-%s", obj.getPro(), obj.getCity());
        } catch (Exception e) {
-            log.error("获取地理位置异常 {}", ip);
+            log.error("获取地理位置异常2 {} msg {}", ip, e.getMessage());
        }

        return UNKNOWN;
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@ -68,7 +68,4 @@ playedu:
    key: "eJTJSLPv13fw9twbuPoeicypLqnSfYWL" #32个字符,加密key用来加密jwt的数据[运行本系统之前请务必修改]
    expire: 1296000 #token有效期[单位:秒,默认15天]
    cache-black-prefix: "jwt:blk:" #主动注销的token黑名单缓存前缀
-  # CORS
-  cors:
-    origins: "*"