修复bug
This commit is contained in:
@@ -104,7 +104,16 @@
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<!-- 注意修改!!! -->
|
||||
<build>
|
||||
<!-- <resources>-->
|
||||
<!-- <resource>-->
|
||||
<!-- <directory>src/main/resources</directory>-->
|
||||
<!-- <excludes>-->
|
||||
<!-- <exclude>application.yml</exclude>-->
|
||||
<!-- </excludes>-->
|
||||
<!-- </resource>-->
|
||||
<!-- </resources>-->
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
@@ -126,6 +135,31 @@
|
||||
</excludes>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-resources-plugin</artifactId>
|
||||
<version>3.2.0</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-resources</id>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>${project.build.directory}/config</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>src/main/resources</directory>
|
||||
<includes>
|
||||
<include>application.yml</include>
|
||||
</includes>
|
||||
</resource>
|
||||
</resources>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
||||
@@ -14,6 +14,7 @@ import org.springframework.web.cors.CorsConfigurationSource;
|
||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
|
||||
/**
|
||||
* 安全相关配置 (集成CORS)
|
||||
@@ -46,6 +47,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
.antMatchers(HttpMethod.DELETE, "/user/delete/**").hasAuthority(UserRoleEnum.ADMIN.getValue())
|
||||
.antMatchers(HttpMethod.POST, "/user/admin/add").hasAuthority(UserRoleEnum.ADMIN.getValue())
|
||||
.antMatchers(HttpMethod.PUT, "/user/admin/update").hasAuthority(UserRoleEnum.ADMIN.getValue())
|
||||
// 明确允许 /admin/robot 相关请求
|
||||
.antMatchers("/admin/robot/**").hasAuthority(UserRoleEnum.ADMIN.getValue())
|
||||
// 其他所有请求都需要认证
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
@@ -58,16 +61,22 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@Bean
|
||||
CorsConfigurationSource corsConfigurationSource() {
|
||||
CorsConfiguration configuration = new CorsConfiguration();
|
||||
// TODO: 在生产环境请显式指定允许的源,而不是 "*"
|
||||
configuration.setAllowedOriginPatterns(Arrays.asList("*")); // 允许所有源模式
|
||||
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS"));
|
||||
configuration.setAllowedHeaders(Arrays.asList("*")); // 允许所有头
|
||||
configuration.setAllowCredentials(true); // 允许发送 Cookie
|
||||
configuration.setMaxAge(3600L); // 预检请求的有效期
|
||||
// configuration.setExposedHeaders(Arrays.asList("YourCustomHeader")); // 如果需要暴露自定义头
|
||||
// 允许所有源,更宽松的配置
|
||||
configuration.setAllowedOriginPatterns(Collections.singletonList("*"));
|
||||
// 允许所有HTTP方法
|
||||
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "HEAD"));
|
||||
// 允许所有头
|
||||
configuration.setAllowedHeaders(Collections.singletonList("*"));
|
||||
// 允许发送凭证(cookies、HTTP认证及客户端SSL证明等)
|
||||
configuration.setAllowCredentials(true);
|
||||
// 预检请求的有效期,单位为秒
|
||||
configuration.setMaxAge(3600L);
|
||||
// 暴露响应头,特别是授权相关的
|
||||
configuration.setExposedHeaders(Arrays.asList("Authorization", "Set-Cookie", "X-XSRF-TOKEN"));
|
||||
|
||||
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
||||
source.registerCorsConfiguration("/**", configuration); // 对所有路径应用配置
|
||||
// 对所有路径应用配置
|
||||
source.registerCorsConfiguration("/**", configuration);
|
||||
return source;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,30 @@
|
||||
package com.yupi.project.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
/**
|
||||
* 全局跨域配置
|
||||
*/
|
||||
@Configuration
|
||||
public class WebMvcConfig implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
public void addCorsMappings(CorsRegistry registry) {
|
||||
// 覆盖所有请求
|
||||
registry.addMapping("/**")
|
||||
// 允许发送Cookie
|
||||
.allowCredentials(true)
|
||||
// 放行哪些域名(必须用 patterns,否则 * 会和 allowCredentials 冲突)
|
||||
.allowedOriginPatterns("*")
|
||||
// 放行哪些请求方式
|
||||
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD", "PATCH")
|
||||
// 放行哪些请求头
|
||||
.allowedHeaders("*")
|
||||
// 暴露哪些请求头
|
||||
.exposedHeaders("Authorization", "Set-Cookie", "X-XSRF-TOKEN")
|
||||
// 预检请求的有效期,单位为秒
|
||||
.maxAge(3600);
|
||||
}
|
||||
}
|
||||
@@ -4,9 +4,9 @@ spring:
|
||||
# DataSource Config
|
||||
datasource:
|
||||
driver-class-name: com.mysql.cj.jdbc.Driver
|
||||
url: jdbc:mysql://yuyun-us1.stormrain.cn:3306/mqtt_power?useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai
|
||||
url: jdbc:mysql://yuyun-hk1.stormrain.cn:3306/mqtt_power?useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai
|
||||
username: root
|
||||
password: mysql_a4MQ4P
|
||||
password: mysql_3wdCbm
|
||||
mvc:
|
||||
pathmatch:
|
||||
matching-strategy: ANT_PATH_MATCHER
|
||||
|
||||
Reference in New Issue
Block a user