package cc.mrbird.febs.gateway.enhance.auth;
|
|
import org.springframework.core.Ordered;
|
import org.springframework.core.annotation.Order;
|
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpStatus;
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
import org.springframework.http.server.reactive.ServerHttpResponse;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.cors.reactive.CorsUtils;
|
import org.springframework.web.server.ServerWebExchange;
|
import org.springframework.web.server.WebFilter;
|
import org.springframework.web.server.WebFilterChain;
|
import reactor.core.publisher.Mono;
|
|
/**
|
* @author MrBird
|
*/
|
@Component
|
@Order(Ordered.HIGHEST_PRECEDENCE)
|
public class WebFluxSecurityCorsFilter implements WebFilter {
|
|
@Override
|
@SuppressWarnings("all")
|
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
|
ServerHttpRequest request = exchange.getRequest();
|
if (CorsUtils.isCorsRequest(request)) {
|
ServerHttpResponse response = exchange.getResponse();
|
HttpHeaders headers = response.getHeaders();
|
headers.add("Access-Control-Allow-Origin", "*");
|
headers.add("Access-Control-Allow-Methods", "*");
|
headers.add("Access-Control-Max-Age", "3600");
|
headers.add("Access-Control-Allow-Headers", "*");
|
if (request.getMethod() == HttpMethod.OPTIONS) {
|
response.setStatusCode(HttpStatus.OK);
|
return Mono.empty();
|
}
|
}
|
return chain.filter(exchange);
|
}
|
}
|
