cors

src/main/java/com/aida/gateway/filter/CorsResponseFilter.java

@@ -1,33 +0,0 @@
-package com.aida.gateway.filter;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.core.Ordered;
-import org.springframework.core.annotation.Order;
-import org.springframework.http.HttpHeaders;
-import org.springframework.stereotype.Component;
-import org.springframework.web.server.ServerWebExchange;
-import org.springframework.web.server.WebFilter;
-import org.springframework.web.server.WebFilterChain;
-import reactor.core.publisher.Mono;
-
-@Component
-@Order(Ordered.LOWEST_PRECEDENCE)
-@Slf4j
-public class CorsResponseFilter implements WebFilter {
-
-    @Override
-    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
-        return chain.filter(exchange).doOnSuccess(aVoid -> {
-            String origin = exchange.getRequest().getHeaders().getFirst("Origin");
-            log.debug("Setting CORS headers for Origin: {}", origin);
-            
-            exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, 
-                    origin != null ? origin : "*");
-            exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, 
-                    "GET, POST, PUT, DELETE, OPTIONS, PATCH");
-            exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "*");
-            exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
-            exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "3600");
-        });
-    }
-}

src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java

@@ -14,6 +14,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.Ordered;
 import org.springframework.core.io.buffer.DataBuffer;
 import org.springframework.data.redis.core.ReactiveRedisTemplate;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.server.reactive.ServerHttpRequest;
@@ -59,13 +60,8 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
     @Override
     public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
         String path = exchange.getRequest().getURI().getPath();
-        String origin = exchange.getRequest().getHeaders().getFirst("Origin");
-        String host = exchange.getRequest().getHeaders().getFirst("Host");
-        log.debug("Request received - Path: {}, Origin: {}, Host: {}, Method: {}",
-                path, origin, host, exchange.getRequest().getMethod());
 
         if ("OPTIONS".equalsIgnoreCase(exchange.getRequest().getMethod().name())) {
-            log.debug("OPTIONS request detected, Origin: {}", origin);
             return chain.filter(exchange);
         }
 
@@ -176,6 +172,11 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
         ServerHttpResponse response = exchange.getResponse();
         response.setStatusCode(HttpStatus.UNAUTHORIZED);
         response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
+        String origin = exchange.getRequest().getHeaders().getFirst(HttpHeaders.ORIGIN);
+        if (origin != null) {
+            response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
+            response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
+        }
         String body = String.format("{\"code\":401,\"message\":\"%s\"}", message);
         DataBuffer buffer = response.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8));
         return response.writeWith(Mono.just(buffer));