fix: 跨域放行准则
This commit is contained in:
parent
ae24df4741
commit
c49c96290a
34
src/main/java/com/jsl/oa/config/filter/CorsFilter.java
Normal file
34
src/main/java/com/jsl/oa/config/filter/CorsFilter.java
Normal file
@ -0,0 +1,34 @@
|
||||
package com.jsl.oa.config.filter;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.*;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@Slf4j
|
||||
@Component
|
||||
public class CorsFilter implements Filter {
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
|
||||
// 请求头处理
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
|
||||
// 允许跨域请求
|
||||
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
|
||||
|
||||
try {
|
||||
chain.doFilter(request, response);
|
||||
} catch (Exception e) {
|
||||
log.error("CORS过滤器放行异常", e);
|
||||
}
|
||||
}
|
||||
|
||||
public void init(FilterConfig filterConfig) {}
|
||||
|
||||
public void destroy() {
|
||||
Filter.super.destroy();
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,4 +1,4 @@
|
||||
package com.jsl.oa.config;
|
||||
package com.jsl.oa.config.filter;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.jsl.oa.utils.ErrorCode;
|
||||
@ -7,10 +7,12 @@ import com.jsl.oa.utils.ResultUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.shiro.authc.ExpiredCredentialsException;
|
||||
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
/**
|
||||
* <h1>JWT过滤器</h1>
|
||||
@ -22,6 +24,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
* @since v1.1.0
|
||||
*/
|
||||
@Slf4j
|
||||
@Component
|
||||
public class JwtFilter extends BasicHttpAuthenticationFilter {
|
||||
|
||||
/**
|
||||
@ -61,6 +64,10 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
|
||||
*/
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
|
||||
// 添加跨域禁止
|
||||
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
|
||||
httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
|
||||
// 程序执行
|
||||
try {
|
||||
// 尝试获取Authorization Header
|
||||
String token = getAuthzHeader(request);
|
||||
@ -1,7 +1,5 @@
|
||||
package com.jsl.oa.config.shiro;
|
||||
|
||||
import com.jsl.oa.services.UserService;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
@ -10,11 +8,8 @@ import org.apache.shiro.realm.AuthorizingRealm;
|
||||
import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
|
||||
@RequiredArgsConstructor
|
||||
public class MyRealm extends AuthorizingRealm {
|
||||
|
||||
private final UserService userService;
|
||||
|
||||
/**
|
||||
* 授权
|
||||
*
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package com.jsl.oa.config.shiro;
|
||||
|
||||
import com.jsl.oa.config.JwtFilter;
|
||||
import com.jsl.oa.config.filter.CorsFilter;
|
||||
import com.jsl.oa.config.filter.JwtFilter;
|
||||
import com.jsl.oa.services.UserService;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
|
||||
@ -29,7 +30,7 @@ public class ShiroConfiguration {
|
||||
filterChainDefinitionMap.put("/unauthorized", "anon"); // 未授权接口允许匿名访问
|
||||
filterChainDefinitionMap.put("/", "anon"); // 首页允许匿名访问
|
||||
filterChainDefinitionMap.put("/info/header-image/get", "anon"); // 信息接口允许匿名访问
|
||||
filterChainDefinitionMap.put("/**/**", "jwt"); // 其他接口一律拦截(需要Token)
|
||||
filterChainDefinitionMap.put("/**/**", "authc"); // 其他接口一律拦截(需要Token)
|
||||
|
||||
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
|
||||
|
||||
@ -38,7 +39,8 @@ public class ShiroConfiguration {
|
||||
|
||||
// 添加JWT过滤器
|
||||
Map<String, Filter> filters = new LinkedHashMap<>();
|
||||
filters.put("jwt", new JwtFilter()); // 配置自定义的JWT过滤器
|
||||
filters.put("authc", new JwtFilter()); // 配置自定义的JWT过滤器
|
||||
filters.put("anon", new CorsFilter()); // 配置自定义的CORS过滤器
|
||||
shiroFilterFactoryBean.setFilters(filters);
|
||||
return shiroFilterFactoryBean;
|
||||
}
|
||||
@ -52,6 +54,6 @@ public class ShiroConfiguration {
|
||||
|
||||
@Bean
|
||||
public MyRealm myRealm() {
|
||||
return new MyRealm(userService);
|
||||
return new MyRealm();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package com.jsl.oa.utils;
|
||||
|
||||
import com.jsl.oa.common.constant.SafeConstants;
|
||||
import com.jsl.oa.config.filter.JwtFilter;
|
||||
import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.Jws;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
@ -19,7 +20,7 @@ import java.util.regex.Pattern;
|
||||
*
|
||||
* @author 筱锋xiao_lfeng
|
||||
* @version v1.1.0
|
||||
* @see com.jsl.oa.config.JwtFilter
|
||||
* @see JwtFilter
|
||||
* @since v1.1.0
|
||||
*/
|
||||
@Slf4j
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user