From 80096e5cd21947461a47b7d2440b436899953e6f Mon Sep 17 00:00:00 2001
From: hongjli <3117313295@qq.com>
Date: 星期二, 15 四月 2025 17:17:46 +0800
Subject: [PATCH] 优化
---
src/main/java/com/weiwojc/config/SecurityConfig.java | 19 +++++++++++++++++++
1 files changed, 19 insertions(+), 0 deletions(-)
diff --git a/src/main/java/com/weiwojc/config/SecurityConfig.java b/src/main/java/com/weiwojc/config/SecurityConfig.java
index 025950f..23f47ed 100644
--- a/src/main/java/com/weiwojc/config/SecurityConfig.java
+++ b/src/main/java/com/weiwojc/config/SecurityConfig.java
@@ -12,6 +12,9 @@
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@Configuration
@EnableWebSecurity
@@ -23,6 +26,7 @@
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
+ .cors(cors -> cors.configurationSource(corsConfigurationSource()))
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement(session -> session
.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
@@ -35,6 +39,21 @@
}
@Bean
+ public CorsConfigurationSource corsConfigurationSource() {
+ CorsConfiguration configuration = new CorsConfiguration();
+ configuration.addAllowedOriginPattern("*");
+ configuration.addAllowedMethod("*");
+ configuration.addAllowedHeader("*");
+ configuration.setAllowCredentials(true);
+ configuration.addExposedHeader("*");
+ configuration.setMaxAge(3600L);
+
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ source.registerCorsConfiguration("/**", configuration);
+ return source;
+ }
+
+ @Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
--
Gitblit v1.9.3