aidlab/aida-gateway
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cors

Browse Source
This commit is contained in:
litianxiang
2026-05-06 10:39:55 +08:00
parent e642dbf041
commit 94379b9a16
2 changed files with 6 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/main/java/com/aida/gateway/filter/CorsResponseFilter.java
View File

@@ -1,33 +0,0 @@
package com.aida.gateway.filter;
import lombok.extern.slf4j.Slf4j;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpHeaders;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;
@Component
@Order(Ordered.LOWEST_PRECEDENCE)
@Slf4j
public class CorsResponseFilter implements WebFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return chain.filter(exchange).doOnSuccess(aVoid -> {
String origin = exchange.getRequest().getHeaders().getFirst("Origin");
log.debug("Setting CORS headers for Origin: {}", origin);
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN,
origin != null ? origin : "*");
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS,
"GET, POST, PUT, DELETE, OPTIONS, PATCH");
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "*");
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "3600");
});
}
}

11
src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java
View File

@@ -14,6 +14,7 @@ import lombok.extern.slf4j.Slf4j;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.data.redis.core.ReactiveRedisTemplate;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
@@ -59,13 +60,8 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
String path = exchange.getRequest().getURI().getPath();
String origin = exchange.getRequest().getHeaders().getFirst("Origin");
String host = exchange.getRequest().getHeaders().getFirst("Host");
log.debug("Request received - Path: {}, Origin: {}, Host: {}, Method: {}",
path, origin, host, exchange.getRequest().getMethod());
if ("OPTIONS".equalsIgnoreCase(exchange.getRequest().getMethod().name())) {
log.debug("OPTIONS request detected, Origin: {}", origin);
return chain.filter(exchange);
}
@@ -176,6 +172,11 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(HttpStatus.UNAUTHORIZED);
response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
String origin = exchange.getRequest().getHeaders().getFirst(HttpHeaders.ORIGIN);
if (origin != null) {
response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
}
String body = String.format("{\"code\":401,\"message\":\"%s\"}", message);
DataBuffer buffer = response.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8));
return response.writeWith(Mono.just(buffer));