跨域

src/main/java/com/neotel/smfcore/core/device/rest/DeviceController.java

 
 
 package com.neotel.smfcore.core.device.rest;
 package com.neotel.smfcore.core.device.rest;
 
 
+import com.neotel.smfcore.security.annotation.AnonymousAccess;
 import com.neotel.smfcore.security.annotation.AnonymousPostMapping;
 import com.neotel.smfcore.security.annotation.AnonymousPostMapping;
 import com.neotel.smfcore.core.storage.enums.DeviceType;
 import com.neotel.smfcore.core.storage.enums.DeviceType;
 import com.neotel.smfcore.core.device.handler.IDeviceHandler;
 import com.neotel.smfcore.core.device.handler.IDeviceHandler;
@@ -22,7 +23,6 @@ import java.util.Map;
 
 
 @Slf4j
 @Slf4j
 @RestController
 @RestController
-@RequestMapping("/service/store")
 @Api(tags = "设备通信")
 @Api(tags = "设备通信")
 public class DeviceController {
 public class DeviceController {
 
 
@@ -39,8 +39,9 @@ public class DeviceController {
     }
     }
 
 
     @ApiOperation("客户端定时通信接口")
     @ApiOperation("客户端定时通信接口")
-    @AnonymousPostMapping(value = "/communication")
+    @PostMapping(value = "/service/store/communication")
     @ResponseBody
     @ResponseBody
+    @AnonymousAccess
     public StatusBean communication(@RequestBody final StatusBean statusBean, HttpServletRequest request) {
     public StatusBean communication(@RequestBody final StatusBean statusBean, HttpServletRequest request) {
         try {
         try {
             String cid = statusBean.getCid();
             String cid = statusBean.getCid();

src/main/java/com/neotel/smfcore/security/config/CorsConfig.java

-package com.neotel.smfcore.security.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-/**
- * Created by sunke on 2021/8/6.
- */
-@Configuration
-public class CorsConfig implements WebMvcConfigurer {
-    /**
-     * 开启跨域
-     */
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        // 设置允许跨域的路由
-        registry.addMapping("/**")
-                // 设置允许跨域请求的域名
-                .allowedOriginPatterns("*")
-                // 是否允许证书（cookies）
-                .allowCredentials(true)
-                // 设置允许的方法
-                .allowedMethods("*")
-                // 跨域允许时间
-                .maxAge(3600);
-    }
-}

src/main/java/com/neotel/smfcore/security/config/CorsFilter.java

+package com.neotel.smfcore.security.config;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.logging.log4j.util.Strings;
+import org.springframework.core.annotation.Order;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+@Component
+@WebFilter(urlPatterns = "/*")
+@Order(-99999)
+@Slf4j
+public class CorsFilter extends HttpFilter {
+
+
+    /**
+     *
+     */
+    private static final long serialVersionUID = 2386571986045107652L;
+    private static final String OPTIONS_METHOD = "OPTIONS";
+
+    @Override
+    protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
+
+        String origin = req.getHeader(HttpHeaders.ORIGIN);
+        String repOrigin = res.getHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN);
+
+        if (Strings.isNotBlank(origin) && Strings.isNotBlank(repOrigin)) {
+            // 允许客户端的域
+            res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
+
+            // 允许客户端提交的Header
+            String requestHeaders = req.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
+            if (!StringUtils.isEmpty(requestHeaders)) {
+                res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders);
+            }
+
+            // 允许客户端访问的Header
+            res.addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
+
+            // 允许客户端携带凭证信息
+            res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
+
+            // 允许客户端请求方法
+            res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, OPTIONS, DELETE");
+
+            if (OPTIONS_METHOD.equalsIgnoreCase(req.getMethod())) {
+                res.setStatus(HttpServletResponse.SC_NO_CONTENT);
+                res.setContentType(MediaType.TEXT_HTML_VALUE);
+                res.setCharacterEncoding("utf-8");
+                res.setContentLength(0);
+                res.addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "1800");
+                return;
+            }
+        }
+
+        super.doFilter(req, res, chain);
+    }
+}
\ No newline at end of file