fix(gateway): 优化cors配置，网关统一处理

service-configuration/src/main/java/com/lanyuanxiaoyao/service/configuration/SecurityConfig.java

@@ -21,7 +21,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
     private final SecurityProperties securityProperties;
 
-    @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection")
     public SecurityConfig(SecurityProperties securityProperties) {
         this.securityProperties = securityProperties;
     }
@@ -36,6 +35,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 .and()
                 .csrf()
                 .disable()
+                .cors()
+                .disable()
                 .formLogin()
                 .disable();
     }

service-gateway/pom.xml

@@ -14,7 +14,7 @@
     <dependencies>
         <dependency>
             <groupId>com.lanyuanxiaoyao</groupId>
-            <artifactId>service-dependencies</artifactId>
+            <artifactId>service-configuration</artifactId>
             <exclusions>
                 <exclusion>
                     <groupId>org.springframework.boot</groupId>
@@ -22,10 +22,6 @@
                 </exclusion>
             </exclusions>
         </dependency>
-        <dependency>
-            <groupId>com.lanyuanxiaoyao</groupId>
-            <artifactId>service-configuration</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-gateway</artifactId>

service-gateway/src/main/java/com/lanyuanxiaoyao/service/gateway/configuration/SecurityConfiguration.java

@@ -9,6 +9,9 @@ import org.springframework.security.core.userdetails.MapReactiveUserDetailsServi
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.web.server.SecurityWebFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.reactive.CorsConfigurationSource;
+import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
 
 /**
  * web security
@@ -28,14 +31,26 @@ public class SecurityConfiguration {
                 .permitAll()
                 .and()
                 .httpBasic()
-                .and()
-                .cors()
                 .disable()
+                .cors()
+                .configurationSource(corsConfigurationSource())
+                .and()
                 .csrf()
                 .disable()
                 .build();
     }
 
+    private CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration configuration = new CorsConfiguration();
+        configuration.setAllowCredentials(true);
+        configuration.addAllowedHeader("*");
+        configuration.addAllowedMethod("*");
+        configuration.addAllowedOriginPattern("*");
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", configuration);
+        return source;
+    }
+
     @Bean
     public MapReactiveUserDetailsService userDetailsService(SecurityProperties securityProperties) {
         UserDetails user = User.builder()

service-web/src/main/java/com/lanyuanxiaoyao/service/web/configuration/WebConfiguration.java

@@ -1,24 +0,0 @@
-package com.lanyuanxiaoyao.service.web.configuration;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-/**
- * web 配置
- *
- * @author lanyuanxiaoyao
- * @date 2023-04-21
- */
-@Configuration
-public class WebConfiguration implements WebMvcConfigurer {
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        // 避免跨域影响调试
-        registry.addMapping("/**")
-                .allowedOriginPatterns("*")
-                .allowCredentials(true)
-                .allowedMethods("*")
-                .maxAge(3600);
-    }
-}