opt:管理后台系统优化。

2026-02-06 18:05:13 +08:00
parent c23fa3f3f3
commit 4247b41831
10 changed files with 211 additions and 115 deletions
--- a/nl-common/src/main/java/org/nl/config/CorsFilter.java
+++ b/nl-common/src/main/java/org/nl/config/CorsFilter.java
@@ -0,0 +1,55 @@
+//package org.nl.config;
+//
+//import jakarta.servlet.*;
+//import jakarta.servlet.http.HttpServletRequest;
+//import jakarta.servlet.http.HttpServletResponse;
+//import org.springframework.core.annotation.Order;
+//import org.springframework.stereotype.Component;
+//
+//import java.io.IOException;
+//
+///**
+// * 跨域过滤器
+// * @author kong
+// */
+//@Component
+//@Order(-200)
+//public class CorsFilter implements Filter {
+//
+//	static final String OPTIONS = "OPTIONS";
+//
+//	@Override
+//	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
+//			throws IOException, ServletException {
+//		HttpServletRequest request = (HttpServletRequest) req;
+//		HttpServletResponse response = (HttpServletResponse) res;
+//		// 允许指定域访问跨域资源
+//		response.setHeader("Access-Control-Allow-Origin", "*");
+//		// 允许所有请求方式
+//		response.setHeader("Access-Control-Allow-Methods", "*");
+//		// 有效时间
+//		response.setHeader("Access-Control-Max-Age", "3600");
+//		// 允许的header参数
+//		response.setHeader("Access-Control-Allow-Headers", "*");
+//		response.setHeader("Access-Control-Allow-Credentials", "true");
+//
+//		// 如果是预检请求，直接返回
+//		if (OPTIONS.equals(request.getMethod())) {
+//			System.out.println("=======================浏览器发来了OPTIONS预检请求==========");
+//			response.getWriter().print("");
+//			return;
+//		}
+//
+//		// System.out.println("*********************************过滤器被使用**************************");
+//		chain.doFilter(req, res);
+//	}
+//
+//	@Override
+//	public void init(FilterConfig filterConfig) {
+//	}
+//
+//	@Override
+//	public void destroy() {
+//	}
+//
+//}
--- a/nl-common/src/main/java/org/nl/satoken/SaTokenConfig.java
+++ b/nl-common/src/main/java/org/nl/satoken/SaTokenConfig.java
@@ -1,13 +1,23 @@
 package org.nl.satoken;

+import cn.dev33.satoken.context.SaHolder;
 import cn.dev33.satoken.interceptor.SaInterceptor;
+import cn.dev33.satoken.jwt.StpLogicJwtForSimple;
 import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.stp.StpLogic;
 import cn.dev33.satoken.stp.StpUtil;
 import jakarta.annotation.Resource;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

+import java.util.Arrays;
+import java.util.Collections;
+

 /**
 * @author dsh
@@ -19,10 +29,64 @@ public class SaTokenConfig implements WebMvcConfigurer {
    @Resource
    private SecurityProperties securityProperties;

+    // Sa-Token 整合 jwt (Simple 简单模式)
+    @Bean
+    public StpLogic getStpLogicJwt() {
+        return new StpLogicJwtForSimple();
+    }
+
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
-        registry.addInterceptor(new SaInterceptor(handle -> StpUtil.checkLogin()))
+        registry.addInterceptor(new SaInterceptor(handle -> {
+                    // 检查是否为 OPTIONS 请求
+                    String method = SaHolder.getRequest().getMethod();
+                    if ("OPTIONS".equalsIgnoreCase(method)) {
+                        return; // 直接放行 OPTIONS 请求
+                    }
+                    StpUtil.checkLogin();
+                }))
                .addPathPatterns("/**")
                .excludePathPatterns(securityProperties.getExcludes());
    }
+
+    @Bean
+    public CorsFilter corsFilter() {
+        CorsConfiguration config = new CorsConfiguration();
+
+        // 允许的源
+        config.setAllowedOriginPatterns(Collections.singletonList("*"));
+        // 注意：如果要指定具体域名，使用下面的方式
+        // config.setAllowedOrigins(Arrays.asList(
+        //     "http://192.168.10.17:8018",
+        //     "http://localhost:8018",
+        //     "http://127.0.0.1:8018"
+        // ));
+
+        // 允许凭证（cookies）
+        config.setAllowCredentials(true);
+
+        // 允许的请求方法
+        config.setAllowedMethods(Arrays.asList(
+                "GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH", "HEAD"
+        ));
+
+        // 允许的请求头
+        config.setAllowedHeaders(Arrays.asList(
+                "Origin", "X-Requested-With", "Content-Type", "Accept",
+                "Authorization", "satoken", "X-Token", "X-Requested-With"
+        ));
+
+        // 暴露的响应头
+        config.setExposedHeaders(Arrays.asList(
+                "satoken", "Authorization", "Content-Disposition"
+        ));
+
+        // 预检请求的缓存时间（秒）
+        config.setMaxAge(3600L);
+
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);
+
+        return new CorsFilter(source);
+    }
 }