From 1ef29a03520b8eb7f945d817a4af88a428d2e3d9 Mon Sep 17 00:00:00 2001 From: horizons <1490493387@qq.com> Date: Mon, 24 Oct 2022 23:28:16 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E5=BC=80=E5=90=AFCORS=E8=B5=84?= =?UTF-8?q?=E6=BA=90=E5=85=B1=E4=BA=AB=EF=BC=8C=E8=A7=A3=E5=86=B3=E6=B5=8F?= =?UTF-8?q?=E8=A7=88=E5=99=A8=E8=B7=A8=E5=9F=9F=E8=AE=BF=E9=97=AE=E9=99=90?= =?UTF-8?q?=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/youlai/system/config/CorsConfig.java | 37 +++++++++++++++++++ .../{security => config}/SecurityConfig.java | 5 +-- .../JwtAuthenticationFilter.java | 13 +++++-- src/main/resources/mapper/SysUserMapper.xml | 2 +- 4 files changed, 50 insertions(+), 7 deletions(-) create mode 100644 src/main/java/com/youlai/system/config/CorsConfig.java rename src/main/java/com/youlai/system/{security => config}/SecurityConfig.java (94%) rename src/main/java/com/youlai/system/{security/jwt => filter}/JwtAuthenticationFilter.java (81%) diff --git a/src/main/java/com/youlai/system/config/CorsConfig.java b/src/main/java/com/youlai/system/config/CorsConfig.java new file mode 100644 index 0000000..3786965 --- /dev/null +++ b/src/main/java/com/youlai/system/config/CorsConfig.java @@ -0,0 +1,37 @@ +package com.youlai.system.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; +import org.springframework.web.filter.CorsFilter; + +import java.util.Collections; + +/** + * 开启CORS资源共享 + * + * @author haoxr + * @date 2022/10/24 + */ +@Configuration +public class CorsConfig { + + @Bean + public CorsFilter corsFilter() { + CorsConfiguration corsConfiguration = new CorsConfiguration(); + //1.允许任何来源 + corsConfiguration.setAllowedOriginPatterns(Collections.singletonList("*")); + //2.允许任何请求头 + corsConfiguration.addAllowedHeader(CorsConfiguration.ALL); + //3.允许任何方法 + corsConfiguration.addAllowedMethod(CorsConfiguration.ALL); + //4.允许凭证 + corsConfiguration.setAllowCredentials(true); + + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + source.registerCorsConfiguration("/**", corsConfiguration); + return new CorsFilter(source); + } + +} diff --git a/src/main/java/com/youlai/system/security/SecurityConfig.java b/src/main/java/com/youlai/system/config/SecurityConfig.java similarity index 94% rename from src/main/java/com/youlai/system/security/SecurityConfig.java rename to src/main/java/com/youlai/system/config/SecurityConfig.java index 4aba07b..eb98a02 100644 --- a/src/main/java/com/youlai/system/security/SecurityConfig.java +++ b/src/main/java/com/youlai/system/config/SecurityConfig.java @@ -1,6 +1,6 @@ -package com.youlai.system.security; +package com.youlai.system.config; -import com.youlai.system.security.jwt.JwtAuthenticationFilter; +import com.youlai.system.filter.JwtAuthenticationFilter; import com.youlai.system.security.jwt.JwtTokenManager; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -11,7 +11,6 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; diff --git a/src/main/java/com/youlai/system/security/jwt/JwtAuthenticationFilter.java b/src/main/java/com/youlai/system/filter/JwtAuthenticationFilter.java similarity index 81% rename from src/main/java/com/youlai/system/security/jwt/JwtAuthenticationFilter.java rename to src/main/java/com/youlai/system/filter/JwtAuthenticationFilter.java index 6e9672d..01f34d6 100644 --- a/src/main/java/com/youlai/system/security/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/com/youlai/system/filter/JwtAuthenticationFilter.java @@ -1,15 +1,19 @@ -package com.youlai.system.security.jwt; +package com.youlai.system.filter; import cn.hutool.core.util.StrUtil; import com.youlai.system.common.result.ResultCode; +import com.youlai.system.security.jwt.JwtTokenManager; import com.youlai.system.util.ResponseUtils; +import org.springframework.http.HttpMethod; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.filter.OncePerRequestFilter; import javax.servlet.FilterChain; +import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.io.IOException; /** * jwt auth token filter. @@ -27,8 +31,11 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { } @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) { - + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException { + if(HttpMethod.OPTIONS.matches(request.getMethod()) ){ + chain.doFilter(request, response); + return; + } String jwt = resolveToken(request); if (StrUtil.isNotBlank(jwt) && SecurityContextHolder.getContext().getAuthentication() == null) { try { diff --git a/src/main/resources/mapper/SysUserMapper.xml b/src/main/resources/mapper/SysUserMapper.xml index 908783d..032ea9f 100644 --- a/src/main/resources/mapper/SysUserMapper.xml +++ b/src/main/resources/mapper/SysUserMapper.xml @@ -21,7 +21,7 @@ sys_user u LEFT JOIN sys_dept d ON u.dept_id = d.id LEFT JOIN sys_user_role sur ON u.id = sur.user_id - LEFT JOIN sys_role r ON ur.role_id = r.id + LEFT JOIN sys_role r ON sur.role_id = r.id u.deleted = 0 -- GitLab