diff --git a/src/main/java/com/aida/gateway/filter/CorsResponseFilter.java b/src/main/java/com/aida/gateway/filter/CorsResponseFilter.java
deleted file mode 100644
index 6b043a8..0000000
--- a/src/main/java/com/aida/gateway/filter/CorsResponseFilter.java
+++ /dev/null
@@ -1,33 +0,0 @@
-package com.aida.gateway.filter;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.core.Ordered;
-import org.springframework.core.annotation.Order;
-import org.springframework.http.HttpHeaders;
-import org.springframework.stereotype.Component;
-import org.springframework.web.server.ServerWebExchange;
-import org.springframework.web.server.WebFilter;
-import org.springframework.web.server.WebFilterChain;
-import reactor.core.publisher.Mono;
-
-@Component
-@Order(Ordered.LOWEST_PRECEDENCE)
-@Slf4j
-public class CorsResponseFilter implements WebFilter {
-
- @Override
- public Mono filter(ServerWebExchange exchange, WebFilterChain chain) {
- return chain.filter(exchange).doOnSuccess(aVoid -> {
- String origin = exchange.getRequest().getHeaders().getFirst("Origin");
- log.debug("Setting CORS headers for Origin: {}", origin);
-
- exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN,
- origin != null ? origin : "*");
- exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS,
- "GET, POST, PUT, DELETE, OPTIONS, PATCH");
- exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "*");
- exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
- exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "3600");
- });
- }
-}
diff --git a/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java b/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java
index a5abc87..8ee0352 100644
--- a/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java
+++ b/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java
@@ -14,6 +14,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.Ordered;
 import org.springframework.core.io.buffer.DataBuffer;
 import org.springframework.data.redis.core.ReactiveRedisTemplate;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.server.reactive.ServerHttpRequest;
@@ -59,13 +60,8 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
 @Override
 public Mono filter(ServerWebExchange exchange, WebFilterChain chain) {
 String path = exchange.getRequest().getURI().getPath();
- String origin = exchange.getRequest().getHeaders().getFirst("Origin");
- String host = exchange.getRequest().getHeaders().getFirst("Host");
- log.debug("Request received - Path: {}, Origin: {}, Host: {}, Method: {}",
- path, origin, host, exchange.getRequest().getMethod());
 if ("OPTIONS".equalsIgnoreCase(exchange.getRequest().getMethod().name())) {
- log.debug("OPTIONS request detected, Origin: {}", origin);
 return chain.filter(exchange);
 }
@@ -176,6 +172,11 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
 ServerHttpResponse response = exchange.getResponse();
 response.setStatusCode(HttpStatus.UNAUTHORIZED);
 response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
+ String origin = exchange.getRequest().getHeaders().getFirst(HttpHeaders.ORIGIN);
+ if (origin != null) {
+ response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
+ response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
+ }
 String body = String.format("{\"code\":401,\"message\":\"%s\"}", message);
 DataBuffer buffer = response.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8));
 return response.writeWith(Mono.just(buffer));
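Review bot: The block added to the 401 writer in the third hunk copies whatever `Origin` the request sent into `Access-Control-Allow-Origin` and pairs it with `Access-Control-Allow-Credentials: true`, so any web origin is allowed to read this credentialed response; the only guard is `origin != null`. That is the same reflect-any-origin behaviour the deleted CorsResponseFilter had, now limited to the 401 body visible here. The echo should be gated on the gateway's configured CORS allowlist, for example `if (origin != null && allowedOrigins.contains(origin)) {`, where `allowedOrigins` is a placeholder for wherever that policy lives, since it is not visible in this diff. Because the header value now depends on the request, the branch should also add `response.getHeaders().add(HttpHeaders.VARY, HttpHeaders.ORIGIN);` so a shared cache does not serve one origin's response to another. The enclosing method's signature and closing brace are outside the hunk.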