[feat] 新增跨域支持

2026-01-26 11:51:55 +08:00 · 2024-07-25 13:41:15 +08:00
parent 6880fd38d7
commit ff22cd374f
2 changed files with 230 additions and 110 deletions
--- a/ruoyi-gateway/src/main/kotlin/com/ruoyi/gateway/config/CorsFilter.kt
+++ b/ruoyi-gateway/src/main/kotlin/com/ruoyi/gateway/config/CorsFilter.kt
@@ -0,0 +1,32 @@
+package com.ruoyi.gateway.config
+
+import org.apache.commons.lang3.ObjectUtils
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.web.server.WebFilter
+
+
+@Configuration
+open class CorsConfig {
+    @Value("\${cors.orgins}")
+    private val corsOrgins: String? = null
+
+    @Bean
+    open fun corsFilter(): WebFilter {
+        return WebFilter { exchange, chain ->
+            val response = exchange.response
+            val request = exchange.request
+            if (!ObjectUtils.isEmpty(corsOrgins)) {
+                response.headers["Access-Control-Allow-Origin"] = corsOrgins
+            } else {
+                response.headers["Access-Control-Allow-Origin"] = "*"
+            }
+            response.headers["Access-Control-Allow-Credentials"] = "true"
+            response.headers["Access-Control-Max-Age"] = "3600"
+            response.headers["Access-Control-Allow-Methods"] = "GET,POST,PUT,DELETE,OPTIONS,HEAD"
+            response.headers["Access-Control-Allow-Headers"] = "X-Requested-With, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, Admin-Token, App-Token"
+            chain.filter(exchange.mutate().request(request.mutate().build()).build())
+        }
+    }
+}