fix(ai): 优化cors配置
This commit is contained in:
v-zhangjc9
@@ -1,24 +0,0 @@
|
|||||||
package com.lanyuanxiaoyao.service.ai.core.configuration;
|
|
||||||
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
|
||||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* web 配置
|
|
||||||
*
|
|
||||||
* @author lanyuanxiaoyao
|
|
||||||
* @date 2023-04-21
|
|
||||||
*/
|
|
||||||
@Configuration
|
|
||||||
public class WebConfiguration implements WebMvcConfigurer {
|
|
||||||
@Override
|
|
||||||
public void addCorsMappings(CorsRegistry registry) {
|
|
||||||
// 避免跨域影响调试
|
|
||||||
registry.addMapping("/**")
|
|
||||||
.allowedOriginPatterns("*")
|
|
||||||
.allowCredentials(true)
|
|
||||||
.allowedMethods("*")
|
|
||||||
.maxAge(3600);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -12,9 +12,6 @@ import org.springframework.security.core.userdetails.User;
|
|||||||
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.web.cors.CorsConfiguration;
|
|
||||||
import org.springframework.web.cors.CorsConfigurationSource;
|
|
||||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author lanyuanxiaoyao
|
* @author lanyuanxiaoyao
|
||||||
@@ -29,23 +26,12 @@ public class SecurityConfig {
|
|||||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||||
return http.authorizeHttpRequests(registry -> registry.anyRequest().authenticated())
|
return http.authorizeHttpRequests(registry -> registry.anyRequest().authenticated())
|
||||||
.httpBasic(Customizer.withDefaults())
|
.httpBasic(Customizer.withDefaults())
|
||||||
|
.cors(AbstractHttpConfigurer::disable)
|
||||||
.csrf(AbstractHttpConfigurer::disable)
|
.csrf(AbstractHttpConfigurer::disable)
|
||||||
.cors(configurer -> configurer.configurationSource(corsConfigurationSource()))
|
|
||||||
.formLogin(AbstractHttpConfigurer::disable)
|
.formLogin(AbstractHttpConfigurer::disable)
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
private CorsConfigurationSource corsConfigurationSource() {
|
|
||||||
CorsConfiguration configuration = new CorsConfiguration();
|
|
||||||
configuration.setAllowCredentials(true);
|
|
||||||
configuration.addAllowedHeader("*");
|
|
||||||
configuration.addAllowedMethod("*");
|
|
||||||
configuration.addAllowedOriginPattern("*");
|
|
||||||
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
|
||||||
source.registerCorsConfiguration("/**", configuration);
|
|
||||||
return source;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public InMemoryUserDetailsManager userDetailsService(SecurityProperties securityProperties) {
|
public InMemoryUserDetailsManager userDetailsService(SecurityProperties securityProperties) {
|
||||||
UserDetails user = User.builder()
|
UserDetails user = User.builder()
|
||||||
|
|||||||
Reference in New Issue
Block a user