template
/
template_service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(security): 添加 CORS 配置并修改登录接口路径 

- 在 SecurityConfig 中添加 CORS 配置,允许跨域请求
- 将 AdminController 中的登录接口路径修改为 /auth/login
This commit is contained in:
FalingCliff 2025-05-25 15:09:10 +08:00
parent ae619cc964
commit 229dc941bb
2 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/main/java/com/example/admin_server/config/SecurityConfig.java
View File

@ -9,6 +9,11 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.Collections;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
@ -28,6 +33,7 @@ public class SecurityConfig {
@Bean @Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.cors().and()
.csrf().disable() .csrf().disable()
.sessionManagement() .sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
@ -49,4 +55,18 @@ public class SecurityConfig {
return http.build(); return http.build();
} }
@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration config = new CorsConfiguration();
config.setAllowedOriginPatterns(Collections.singletonList("*")); // 或指定 http://localhost:9527
config.setAllowCredentials(true);
config.addAllowedHeader("*");
config.addAllowedMethod("*");
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", config);
return source;
}
} }

2
src/main/java/com/example/admin_server/controller/admin/AdminController.java
View File

@ -28,7 +28,7 @@ public class AdminController {
private final AdminMapper adminMapper; private final AdminMapper adminMapper;
private final JwtUtil jwtUtil; private final JwtUtil jwtUtil;
@PostMapping("/login") @PostMapping("/auth/login")
@ApiOperation(value = "管理员登陆") @ApiOperation(value = "管理员登陆")
public Result<?> login(@RequestBody LoginDto request) { public Result<?> login(@RequestBody LoginDto request) {
Admin admin = adminMapper.selectOne(new QueryWrapper<Admin>() Admin admin = adminMapper.selectOne(new QueryWrapper<Admin>()