java/eyes.git - Gitblit

			@@ -1,10 +1,26 @@
			package com.jilongda.common.config;

			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.context.annotation.Bean;
			import org.springframework.context.annotation.Configuration;
			import org.springframework.http.HttpHeaders;
			import org.springframework.http.HttpMethod;
			import org.springframework.http.HttpStatus;
			import org.springframework.http.MediaType;
			import org.springframework.http.server.reactive.ServerHttpRequest;
			import org.springframework.http.server.reactive.ServerHttpResponse;
			import org.springframework.web.cors.CorsConfiguration;
			import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
			import org.springframework.web.cors.reactive.CorsUtils;
			import org.springframework.web.filter.CorsFilter;
			import org.springframework.web.server.ServerWebExchange;
			import org.springframework.web.server.WebFilter;
			import org.springframework.web.server.WebFilterChain;
			import org.springframework.web.servlet.config.annotation.CorsRegistry;
			import org.springframework.web.servlet.function.RequestPredicates;
			import org.springframework.web.servlet.function.RouterFunction;
			import org.springframework.web.servlet.function.RouterFunctions;
			import reactor.core.publisher.Mono;

			import java.util.Collections;

			@@ -24,30 +40,56 @@
			*/
			@Configuration
			public class CorsConfig {
			private CorsConfiguration buildConfig() {
			CorsConfiguration corsConfiguration = new CorsConfiguration();
			//1.允许任何来源
			corsConfiguration.setAllowedOriginPatterns(Collections.singletonList("*"));
			//2.允许任何请求头
			corsConfiguration.addAllowedHeader(CorsConfiguration.ALL);
			//3.允许任何方法
			corsConfiguration.addAllowedMethod(CorsConfiguration.ALL);
			//4.允许凭证
			corsConfiguration.setAllowCredentials(true);

			/**
			* 这里为支持的请求头，如果有自定义的header字段请自己添加
			*/
			private static final String ALLOWED_HEADERS = "X-Requested-With, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, client, request-origion";
			private static final String ALLOWED_METHODS = "GET,POST,PUT,DELETE";
			private static final String ALLOWED_ORIGIN = "*";
			private static final String ALLOWED_EXPOSE = "*";
			private static final String MAX_AGE = "18000L";



			return corsConfiguration;
			/**
			* 跨域配置
			*/
			@Bean
			public WebFilter corsFilter()
			{
			return (ServerWebExchange ctx, WebFilterChain chain) -> {
			ServerHttpRequest request = ctx.getRequest();
			if (CorsUtils.isCorsRequest(request))
			{
			ServerHttpResponse response = ctx.getResponse();
			HttpHeaders headers = response.getHeaders();
			headers.add("Access-Control-Allow-Headers", ALLOWED_HEADERS);
			headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS);
			headers.add("Access-Control-Allow-Origin", ALLOWED_ORIGIN);
			headers.add("Access-Control-Expose-Headers", ALLOWED_EXPOSE);
			headers.add("Access-Control-Max-Age", MAX_AGE);
			headers.add("Access-Control-Allow-Credentials", "false");
			if (request.getMethod() == HttpMethod.OPTIONS)
			{
			response.setStatusCode(HttpStatus.OK);
			return Mono.empty();
			}
			}
			return chain.filter(ctx);
			};
			}

			@Bean
			public CorsFilter corsFilter() {
			UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
			// 对接口配置跨域设置
			// source.registerCorsConfiguration("/v2/api-docs/**", buildConfig());
			source.registerCorsConfiguration("/**", buildConfig());
			return new CorsFilter(source);
			public CorsRegistry addCorsMappings() {
			return new CorsRegistry();
			}

			@Bean
			public void addCorsMappings(CorsRegistry registry) {
			registry.addMapping("/**")
			.allowedOriginPatterns("*")
			.allowedMethods("*")
			.maxAge(3600)
			.allowCredentials(true);
			}

			}