项目登录流程如下
用户进入前端登录界面,输入账号密码等,输入完成之后前端发送请求到后端(拦截器不会拦截登录请求),后端验证账号密码等成功之后生成Token并存储到数据库,数据库中包含该Token过期时间,然后返回生成的Token到前端。
前端收到Token,表示登录成功,把这个Token存储到本地。然后跳转到用户中心页面,用户中心页面在ajax的请求头中带上Token,随请求用户数据接口的请求一起发送到后端。
后端通过拦截器拦截到这个请求,判断这个Token是否有效(包括是否已过期):有效就放行,继续执行后续业务逻辑;无效就抛出异常。
跨域配置
先说明一下:这是一个前后端分离的项目,跨域已经配置好。注意:允许携带凭证(allowCredentials)时不应把允许的来源设为"*",生产环境应改为明确的前端域名。我这里后端WebMvcConfig的配置方式如下:
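import com.zdyl.devicemanagement.interceptor.AccessInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;

/**
 * Spring MVC configuration for the back end of a front-end/back-end separated project.
 *
 * <p>Registers the access interceptor (per the accompanying text, it validates the login
 * token carried in the request header), the static resource locations and the CORS policy.
 */
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {

    @Resource
    private WebServerConfig webServerConfig;

    /**
     * Creates the access interceptor as a Spring-managed bean.
     *
     * @return a new {@link AccessInterceptor}
     */
    @Bean
    public AccessInterceptor getAccessInterceptor() {
        return new AccessInterceptor();
    }

    /**
     * Applies the access interceptor to every path except the ones listed below.
     *
     * <p>Every excluded pattern is reachable without passing the interceptor, so this list is
     * the unauthenticated surface of the application and should stay as short as possible.
     *
     * @param registry the registry the interceptor is added to
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        List<String> excludeUrl = new ArrayList<>();
        excludeUrl.add("/error");
        // NOTE(review): file download bypasses the interceptor — confirm the handler does its
        // own authorization and restricts which files can be requested.
        excludeUrl.add("/v1/zdyl/downloadFile");
        excludeUrl.add("/v1/zdyl/lcoStation/qrcode/**");
        excludeUrl.add("/devicemanagement/images/**/*");
        excludeUrl.add("/upgrade/**");
        // The login endpoints must stay reachable before a token exists.
        excludeUrl.add("/v1/zdyl/login/**");
        excludeUrl.add("/NewsImage/**");
        // NOTE(review): a path named "test" and a data-export path are excluded from the
        // interceptor; presumably left over from development — verify before deploying.
        excludeUrl.add("/v1/zdyl/equipment/alarm/toExcel/test");
        excludeUrl.add("/v1/zdyl/deviceMonitoring/get/alarm/toExcel/**");

        registry.addInterceptor(getAccessInterceptor())
                .addPathPatterns("/**")
                .excludePathPatterns(excludeUrl);
    }

    /**
     * Serves static content under {@code /**} from the classpath and from three file-system
     * directories supplied by {@link WebServerConfig}.
     *
     * @param registry the registry the resource handler is added to
     */
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        List<String> locations = new ArrayList<>();
        locations.add("classpath:/META-INF/resources/");
        locations.add("classpath:/resources/");
        locations.add("classpath:/public/");
        // NOTE(review): everything inside these directories becomes downloadable over HTTP.
        // Presumably the upload directory holds user-supplied files — confirm that nothing
        // sensitive is stored there. The getters are assumed to return directory paths that
        // end in "/" — TODO confirm.
        locations.add("file:" + webServerConfig.getUploadFileLocation());
        locations.add("file:" + webServerConfig.getPicpath());
        locations.add("file:" + webServerConfig.getProjectsource());

        registry.addResourceHandler("/**")
                .addResourceLocations(locations.toArray(new String[0]));
    }

    /**
     * Registers a servlet-level CORS filter for all paths.
     *
     * <p>Credentials are disabled because the allowed origin is the wildcard. Combining
     * {@code allowCredentials(true)} with origin {@code "*"} either makes the server echo any
     * requesting origin together with credentials (older Spring versions) or is rejected with
     * an {@link IllegalArgumentException} (Spring 5.3 and later). The login token travels in a
     * request header, so cookies are not required for cross-origin calls. If cookies are
     * needed, list the exact front-end origins here instead of {@code "*"} and only then
     * re-enable credentials.
     *
     * @return the CORS filter
     */
    @Bean
    public CorsFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(false);
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        config.addAllowedMethod("*");

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }

    /**
     * Declares the Spring MVC CORS mapping for all paths, kept consistent with
     * {@link #corsFilter()}: wildcard origin, therefore no credentials.
     *
     * @param registry the registry the mapping is added to
     */
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedHeaders("*")
                // Wildcard origin and credentials must not be combined; see corsFilter().
                .allowCredentials(false)
                .allowedOrigins("*")
                .allowedMethods("POST", "GET", "DELETE", "PUT", "OPTIONS")
                .maxAge(3600);
    }
}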