perf(sso): sso 示例代码的跨域处理由原生方式改为 Sa-Token 过滤器模式

sa-token-demo/sa-token-demo-sso/sa-token-demo-sso-server/src/main/java/com/pj/h5/CorsFilter.java

@@ -1,54 +0,0 @@
-package com.pj.h5;
-
-import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * 跨域过滤器 
- * @author click33 
- */
-@Component
-@Order(-200)
-public class CorsFilter implements Filter {
-
-	static final String OPTIONS = "OPTIONS";
-
-	@Override
-	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
-			throws IOException, ServletException {
-		HttpServletRequest request = (HttpServletRequest) req;
-		HttpServletResponse response = (HttpServletResponse) res;
-		
-		// 允许指定域访问跨域资源
-		response.setHeader("Access-Control-Allow-Origin", "*");
-		// 允许所有请求方式
-		response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
-		// 有效时间
-		response.setHeader("Access-Control-Max-Age", "3600");
-		// 允许的header参数
-		response.setHeader("Access-Control-Allow-Headers", "x-requested-with,satoken");
-
-		// 如果是预检请求，直接返回
-		if (OPTIONS.equals(request.getMethod())) {
-			System.out.println("=======================浏览器发来了OPTIONS预检请求==========");
-			response.getWriter().print("");
-			return;
-		}
-
-		chain.doFilter(req, res);
-	}
-
-	@Override
-	public void init(FilterConfig filterConfig) {
-	}
-
-	@Override
-	public void destroy() {
-	}
-
-}

sa-token-demo/sa-token-demo-sso/sa-token-demo-sso-server/src/main/java/com/pj/h5/SaTokenConfigure.java

@@ -0,0 +1,64 @@
+package com.pj.h5;
+
+import cn.dev33.satoken.context.SaHolder;
+import cn.dev33.satoken.filter.SaServletFilter;
+import cn.dev33.satoken.router.SaHttpMethod;
+import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.util.SaResult;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * [Sa-Token 权限认证] 配置类 （解决跨域问题）
+ *
+ * @author click33
+ */
+@Configuration
+public class SaTokenConfigure implements WebMvcConfigurer {
+
+    /**
+     * 注册 [Sa-Token 全局过滤器] 
+     */
+    @Bean
+    public SaServletFilter getSaServletFilter() {
+        return new SaServletFilter()
+
+                // 指定 [拦截路由] 与 [放行路由]
+                .addInclude("/**").addExclude("/favicon.ico")
+
+                // 认证函数: 每次请求执行
+                .setAuth(obj -> {
+                    // SaManager.getLog().debug("----- 请求path={}  提交token={}", SaHolder.getRequest().getRequestPath(), StpUtil.getTokenValue());
+                    // ...
+                })
+
+                // 异常处理函数：每次认证函数发生异常时执行此函数
+                .setError(e -> {
+                    return SaResult.error(e.getMessage());
+                })
+
+                // 前置函数：在每次认证函数之前执行
+                .setBeforeAuth(obj -> {
+                    SaHolder.getResponse()
+
+                            // ---------- 设置跨域响应头 ----------
+                            // 允许指定域访问跨域资源
+                            .setHeader("Access-Control-Allow-Origin", "*")
+                            // 允许所有请求方式
+                            .setHeader("Access-Control-Allow-Methods", "*")
+                            // 允许的header参数
+                            .setHeader("Access-Control-Allow-Headers", "*")
+                            // 有效时间
+                            .setHeader("Access-Control-Max-Age", "3600")
+                    ;
+
+                    // 如果是预检请求，则立即返回到前端
+                    SaRouter.match(SaHttpMethod.OPTIONS)
+                            .free(r -> System.out.println("--------OPTIONS预检请求，不做处理"))
+                            .back();
+                })
+                ;
+    }
+
+}

sa-token-demo/sa-token-demo-sso/sa-token-demo-sso2-client/src/main/java/com/pj/h5/CorsFilter.java

@@ -1,61 +0,0 @@
-package com.pj.h5;
-
-import java.io.IOException;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Component;
-
-/**
- * 跨域过滤器
- * @author click33 
- */
-@Component
-@Order(-200)
-public class CorsFilter implements Filter {
-
-	static final String OPTIONS = "OPTIONS";
-
-	@Override
-	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
-			throws IOException, ServletException {
-		HttpServletRequest request = (HttpServletRequest) req;
-		HttpServletResponse response = (HttpServletResponse) res;
-		
-		// 允许指定域访问跨域资源
-		response.setHeader("Access-Control-Allow-Origin", "*");
-		// 允许所有请求方式
-		response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
-		// 有效时间
-		response.setHeader("Access-Control-Max-Age", "3600");
-		// 允许的header参数
-		response.setHeader("Access-Control-Allow-Headers", "x-requested-with,satoken");
-
-		// 如果是预检请求，直接返回
-		if (OPTIONS.equals(request.getMethod())) {
-			System.out.println("=======================浏览器发来了OPTIONS预检请求==========");
-			response.getWriter().print("");
-			return;
-		}
-
-		// System.out.println("*********************************过滤器被使用**************************");
-		chain.doFilter(req, res);
-	}
-
-	@Override
-	public void init(FilterConfig filterConfig) {
-	}
-
-	@Override
-	public void destroy() {
-	}
-
-}

sa-token-demo/sa-token-demo-sso/sa-token-demo-sso2-client/src/main/java/com/pj/h5/SaTokenConfigure.java

@@ -0,0 +1,64 @@
+package com.pj.h5;
+
+import cn.dev33.satoken.context.SaHolder;
+import cn.dev33.satoken.filter.SaServletFilter;
+import cn.dev33.satoken.router.SaHttpMethod;
+import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.util.SaResult;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * [Sa-Token 权限认证] 配置类 （解决跨域问题）
+ *
+ * @author click33
+ */
+@Configuration
+public class SaTokenConfigure implements WebMvcConfigurer {
+
+    /**
+     * 注册 [Sa-Token 全局过滤器]
+     */
+    @Bean
+    public SaServletFilter getSaServletFilter() {
+        return new SaServletFilter()
+
+                // 指定 [拦截路由] 与 [放行路由]
+                .addInclude("/**").addExclude("/favicon.ico")
+
+                // 认证函数: 每次请求执行
+                .setAuth(obj -> {
+                    // SaManager.getLog().debug("----- 请求path={}  提交token={}", SaHolder.getRequest().getRequestPath(), StpUtil.getTokenValue());
+                    // ...
+                })
+
+                // 异常处理函数：每次认证函数发生异常时执行此函数
+                .setError(e -> {
+                    return SaResult.error(e.getMessage());
+                })
+
+                // 前置函数：在每次认证函数之前执行
+                .setBeforeAuth(obj -> {
+                    SaHolder.getResponse()
+
+                            // ---------- 设置跨域响应头 ----------
+                            // 允许指定域访问跨域资源
+                            .setHeader("Access-Control-Allow-Origin", "*")
+                            // 允许所有请求方式
+                            .setHeader("Access-Control-Allow-Methods", "*")
+                            // 允许的header参数
+                            .setHeader("Access-Control-Allow-Headers", "*")
+                            // 有效时间
+                            .setHeader("Access-Control-Max-Age", "3600")
+                    ;
+
+                    // 如果是预检请求，则立即返回到前端
+                    SaRouter.match(SaHttpMethod.OPTIONS)
+                            .free(r -> System.out.println("--------OPTIONS预检请求，不做处理"))
+                            .back();
+                })
+                ;
+    }
+
+}