公网跨域测试

license/src/main/java/iot/sixiang/license/jwt/JwtFilter.java

@@ -14,9 +14,10 @@ import java.io.IOException;
 import java.util.Map;
 
 @Slf4j
-@WebFilter(filterName = "jwtFilter", urlPatterns = "/iot_license/*")
+@WebFilter(filterName = "jwtFilter", urlPatterns = "/*")
 public class JwtFilter implements Filter {
-
+    private static final String url1 = "/login";
+    private static final String url2 = "/resource";
 
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
@@ -28,45 +29,52 @@ public class JwtFilter implements Filter {
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         final HttpServletRequest request = (HttpServletRequest) servletRequest;
         final HttpServletResponse response = (HttpServletResponse) servletResponse;
-
         response.setContentType("text/html; charset=utf-8");
-        //获取header里的token
-        String token = request.getHeader("authorization");
-        //除了 OPTIONS请求以外, 其它请求应该被JWT检查
+        response.setHeader("Access-Control-Allow-Origin", "*");
+        response.addHeader("Access-Control-Allow-Credentials", "true");
+        response.addHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH");
+
         if ("OPTIONS".equals(request.getMethod())) {
             response.setStatus(HttpServletResponse.SC_OK);
+        }
+
+        String token = request.getHeader("authorization");
+        boolean check = true;
+        String uri = request.getRequestURI();
+        if (uri.contains(url1) || uri.contains(url2)) {
+            check = false;
+        }
+        if (!check) {
             filterChain.doFilter(request, response);
-        } else {
-            if (token == null) {
-                String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息不能为空"));
-                response.getWriter().write(resultStr);
-                return;
-            }
+            return;
         }
 
-        DecodedJWT jwt = JwtUtil.verifyToken(token);
-        if(jwt==null){
-            String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
+        if (token == null) {
+            String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息不能为空"));
             response.getWriter().write(resultStr);
             return;
-        }else{
-            Map<String, Claim> userData = jwt.getClaims();
-            if (userData == null) {
+        } else {
+            DecodedJWT jwt = JwtUtil.verifyToken(token);
+            if (jwt == null) {
                 String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
                 response.getWriter().write(resultStr);
                 return;
+            } else {
+                Map<String, Claim> userData = jwt.getClaims();
+                if (userData == null) {
+                    String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
+                    response.getWriter().write(resultStr);
+                    return;
+                }
+
+                String userName = userData.get("userName").asString();
+                String password = userData.get("password").asString();
+                //拦截器 拿到用户信息，放到request中
+                request.setAttribute("userName", userName);
+                request.setAttribute("password", password);
+                filterChain.doFilter(request, response);
             }
-
-            String userName = userData.get("userName").asString();
-            String password = userData.get("password").asString();
-            //拦截器 拿到用户信息，放到request中
-            request.setAttribute("userName", userName);
-            request.setAttribute("password", password);
-            filterChain.doFilter(servletRequest, servletResponse);
         }
-
-
-
     }
 
     @Override