项目登录流程如下
用户进入前端登录界面,输入账号密码等,输入完成之后前端发送请求到后端(拦截器不会拦截登录请求),后端验证账号密码等成功之后生成Token并存储到数据库,数据库中包含该Token过期时间,然后返回生成的Token到前端。
前端收到Token,表示登录成功,把这个Token存储本地。然后跳转到用户中心页面,用户中心页面在ajax的请求头中带上Token,跟随请求用户数据接口一起带到后端。
后端通过拦截器拦截到这个请求,去判断这个Token是否有效,有效就放过去做他该做的事情,无效就抛出异常。
跨域配置
先说明一下:这个前后端分离的项目已经配置好了跨域。我这里后端WebMvcConfig的配置方式如下:
import com.zdyl.devicemanagement.interceptor.AccessInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlbasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@Resource
private WebServerConfig webServerConfig;
/**
 * Creates the {@link AccessInterceptor} instance and publishes it as a bean
 * through the {@code @Bean} annotation.
 *
 * @return a newly constructed {@code AccessInterceptor}
 */
@Bean
public AccessInterceptor getAccessInterceptor() {
    final AccessInterceptor accessInterceptor = new AccessInterceptor();
    return accessInterceptor;
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
List excludeUrl = new ArrayList<>();
excludeUrl.add("/error");
excludeUrl.add("/v1/zdyl/downloadFile");
excludeUrl.add("/v1/zdyl/lcoStation/qrcode*");
excludeUrl.add("/upgrade
/**
 * Reads the access token that accompanies the request.
 *
 * <p>The {@code token} request header is consulted first; when it is empty,
 * the {@code token} request parameter is returned instead.
 *
 * <p>NOTE(review): a token supplied as a request parameter can travel in the
 * URL, and URLs are commonly recorded in access logs, browser history and
 * Referer headers. Consider accepting the header only, or limiting the
 * parameter form to the endpoints that really need it.
 *
 * @param httpRequest the current HTTP request
 * @return the header value when it is non-empty, otherwise the parameter
 *         value (which may itself be {@code null} or empty)
 */
private String getRequestToken(HttpServletRequest httpRequest) {
    final String headerToken = httpRequest.getHeader("token");
    if (!StringUtils.isEmpty(headerToken)) {
        return headerToken;
    }
    // Header missing or empty: fall back to the request parameter of the same name.
    return httpRequest.getParameter("token");
}
/**
 * Reads the login id that accompanies the request.
 *
 * <p>The {@code loginId} request header is consulted first; when it is empty,
 * the {@code loginId} request parameter is returned instead.
 *
 * <p>NOTE(review): this value is supplied by the client, so on its own it
 * proves nothing about who is calling. Presumably the caller checks it
 * against the account the token was issued for. Confirm in the caller.
 *
 * @param httpRequest the current HTTP request
 * @return the header value when it is non-empty, otherwise the parameter
 *         value (which may itself be {@code null} or empty)
 */
private String getRequestloginId(HttpServletRequest httpRequest) {
    final String headerLoginId = httpRequest.getHeader("loginId");
    if (!StringUtils.isEmpty(headerLoginId)) {
        return headerLoginId;
    }
    // Header missing or empty: fall back to the request parameter of the same name.
    return httpRequest.getParameter("loginId");
}
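/**
 * Writes the CORS response headers and answers preflight requests directly.
 *
 * <p>The request's {@code Origin} and {@code Access-Control-Request-Headers}
 * values are echoed back, so every origin and every requested header is
 * accepted. Each reflected header is written only when the request actually
 * carries the corresponding value, and {@code Vary: Origin} is added so that
 * a shared cache does not replay a response built for one origin to another.
 *
 * <p>NOTE(review): echoing {@code Origin} is equivalent to allowing all
 * origins. Replace it with an allowlist of the known front-end origins, and
 * do so before {@code Access-Control-Allow-Credentials} is ever enabled.
 *
 * @param request  the incoming request; must be an {@link HttpServletRequest}
 * @param response the outgoing response; must be an {@link HttpServletResponse}
 * @return {@code false} for an {@code OPTIONS} request after setting status
 *         200, otherwise whatever {@code super.preHandle} returns
 * @throws Exception if {@code super.preHandle} throws
 */
protected boolean addCors(ServletRequest request, ServletResponse response) throws Exception {
    HttpServletRequest httpServletRequest = (HttpServletRequest) request;
    HttpServletResponse httpServletResponse = (HttpServletResponse) response;

    // Same-origin and non-browser requests carry no Origin header; passing a
    // null value to setHeader is container-dependent, so skip it explicitly.
    String origin = httpServletRequest.getHeader("Origin");
    if (origin != null) {
        httpServletResponse.setHeader("Access-control-Allow-Origin", origin);
        // The response now depends on the request's Origin; tell caches so.
        httpServletResponse.addHeader("Vary", "Origin");
    }

    httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");

    // Only preflight requests send Access-Control-Request-Headers.
    String requestedHeaders = httpServletRequest.getHeader("Access-Control-Request-Headers");
    if (requestedHeaders != null) {
        httpServletResponse.setHeader("Access-Control-Allow-Headers", requestedHeaders);
    }

    // A cross-origin call is preceded by an OPTIONS preflight; answer it with
    // 200 here instead of passing it on to super.preHandle.
    if (RequestMethod.OPTIONS.name().equals(httpServletRequest.getMethod())) {
        httpServletResponse.setStatus(HttpStatus.OK.value());
        return false;
    }
    return super.preHandle(request, response);
}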
}
自定义异常RRException代码
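/**
 * Unchecked application exception carrying a message, a string error code
 * and an integer status.
 *
 * <p>{@code code} defaults to {@code "INVALID"} and {@code status} to
 * {@code 0} unless a constructor or setter overrides them.
 *
 * <p>{@link #getMessage()} is overridden to return the same text as
 * {@link #getMsg()}, so a later {@link #setMsg(String)} is also visible to
 * code that reads the standard {@code Throwable} message (loggers, generic
 * handlers) rather than only to callers of {@code getMsg()}.
 *
 * <p>NOTE(review): how {@code msg} reaches the client is not visible here. If
 * an exception handler writes it into the response body, keep internal
 * details (SQL, stack information, token values) out of the message.
 */
public class RRException extends RuntimeException {
    private static final long serialVersionUID = 1L;

    // Human-readable description; mirrors the Throwable message and can be replaced via setMsg.
    private String message;
    // Application error code.
    private String code = "INVALID";
    // Numeric status.
    private int status = 0;

    /**
     * @param msg description of the failure
     */
    public RRException(String msg) {
        super(msg);
        this.message = msg;
    }

    /**
     * @param msg description of the failure
     * @param e   underlying cause, preserved for stack traces
     */
    public RRException(String msg, Throwable e) {
        super(msg, e);
        this.message = msg;
    }

    /**
     * @param msg  description of the failure
     * @param code application error code replacing the default
     */
    public RRException(String msg, String code) {
        super(msg);
        this.message = msg;
        this.code = code;
    }

    /**
     * @param msg    description of the failure
     * @param status numeric status replacing the default
     */
    public RRException(String msg, int status) {
        super(msg);
        this.message = msg;
        this.status = status;
    }

    /**
     * @param msg  description of the failure
     * @param code application error code replacing the default
     * @param e    underlying cause, preserved for stack traces
     */
    public RRException(String msg, String code, Throwable e) {
        super(msg, e);
        this.message = msg;
        this.code = code;
    }

    /**
     * Returns the current message, including any change made through
     * {@link #setMsg(String)}.
     *
     * @return the same value as {@link #getMsg()}
     */
    @Override
    public String getMessage() {
        return message;
    }

    /** @return the current message */
    public String getMsg() {
        return message;
    }

    /** @param msg the new message */
    public void setMsg(String msg) {
        this.message = msg;
    }

    /** @return the application error code */
    public String getCode() {
        return code;
    }

    /** @param code the new application error code */
    public void setCode(String code) {
        this.code = code;
    }

    /** @return the numeric status */
    public int getStatus() {
        return status;
    }

    /** @param status the new numeric status */
    public void setStatus(int status) {
        this.status = status;
    }
}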



