From 80096e5cd21947461a47b7d2440b436899953e6f Mon Sep 17 00:00:00 2001
From: hongjli <3117313295@qq.com>
Date: 星期二, 15 四月 2025 17:17:46 +0800
Subject: [PATCH] 优化
---
src/main/java/com/weiwojc/config/SecurityConfig.java | 19 +++++++++++++++++++
src/main/java/com/weiwojc/config/CorsConfig.java | 33 +++++++++++++++++++++++++++++++++
2 files changed, 52 insertions(+), 0 deletions(-)
diff --git a/src/main/java/com/weiwojc/config/CorsConfig.java b/src/main/java/com/weiwojc/config/CorsConfig.java
new file mode 100644
index 0000000..c83771d
--- /dev/null
+++ b/src/main/java/com/weiwojc/config/CorsConfig.java
@@ -0,0 +1,33 @@
+package com.weiwojc.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+
+@Configuration
+public class CorsConfig {
+
+ @Bean
+ public CorsFilter corsFilter() {
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ CorsConfiguration config = new CorsConfiguration();
+
+ // 鍏佽璺ㄥ煙鐨勬簮锛岃繖閲岃缃负鍏佽鎵�鏈夋簮
+ config.addAllowedOriginPattern("*");
+ // 鍏佽璺ㄥ煙鐨勮姹傚ご
+ config.addAllowedHeader("*");
+ // 鍏佽璺ㄥ煙鐨勮姹傛柟娉�
+ config.addAllowedMethod("*");
+ // 鍏佽鎼哄甫璁よ瘉淇℃伅锛坱oken锛�
+ config.setAllowCredentials(true);
+ // 鏆撮湶鍝嶅簲澶�
+ config.addExposedHeader("*");
+ // 璁剧疆璺ㄥ煙璇锋眰鐨勬湁鏁堟湡锛屽崟浣嶄负绉�
+ config.setMaxAge(3600L);
+
+ source.registerCorsConfiguration("/**", config);
+ return new CorsFilter(source);
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/weiwojc/config/SecurityConfig.java b/src/main/java/com/weiwojc/config/SecurityConfig.java
index 025950f..23f47ed 100644
--- a/src/main/java/com/weiwojc/config/SecurityConfig.java
+++ b/src/main/java/com/weiwojc/config/SecurityConfig.java
@@ -12,6 +12,9 @@
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@Configuration
@EnableWebSecurity
@@ -23,6 +26,7 @@
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
+ .cors(cors -> cors.configurationSource(corsConfigurationSource()))
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement(session -> session
.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
@@ -35,6 +39,21 @@
}
@Bean
+ public CorsConfigurationSource corsConfigurationSource() {
+ CorsConfiguration configuration = new CorsConfiguration();
+ configuration.addAllowedOriginPattern("*");
+ configuration.addAllowedMethod("*");
+ configuration.addAllowedHeader("*");
+ configuration.setAllowCredentials(true);
+ configuration.addExposedHeader("*");
+ configuration.setMaxAge(3600L);
+
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ source.registerCorsConfiguration("/**", configuration);
+ return source;
+ }
+
+ @Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
--
Gitblit v1.9.3