我的RestController添加了@CrossOrigin,它允许“/signup”,但请求“/login”withCredentials:从前端应用程序获取true
CORS策略已阻止从源“http://localhost:8080”访问位于“http://localhost:8000/api/auth/login”的XMLHttpRequest:对印前检查请求的响应未通过访问控制检查:当请求的凭据模式为“include”时,响应中“Access-Control-Allow-Origin”标头的值不能为通配符“*”。XMLHttpRequest发起的请求的凭据模式由withCredentials属性控制。
我的RestController
@RestController
@RequestMapping("/api/auth")
@CrossOrigin
public class AuthController {
@Autowired
private UserService userService;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private RefreshTokenService refreshTokenService;
@Autowired
private JwtService jwtService;
@PostMapping("/signup")
public ResponseEntity<?> addNewUser(@RequestBody @Valid User user) throws DataAlreadyPresent {
return new ResponseEntity<>(userService.addUser(user),HttpStatus.OK);
}
@PostMapping("/login")
public JwtResponse authenticateAndGetToken(@RequestBody AuthRequest authRequest) {
Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(authRequest.getEmail(), authRequest.getPassword()));
if (authentication.isAuthenticated()) {
RefreshToken refreshToken = refreshTokenService.createRefreshToken(authRequest.getEmail());
return JwtResponse.builder()
.accessToken(jwtService.generateToken(authRequest.getEmail()))
.token(refreshToken.getToken()).build();
} else {
throw new UsernameNotFoundException("invalid user request !");
}
}
my Request from Login.vue方法
async login(){
await axios.post('http://localhost:8000/api/auth/login',this.authData,{
withCredentials: true
})
.then(res =>{
console.log(res.data);
});
}
正在获取CORS策略错误,而请求withCredentials:Spring REST中的true
如何允许来自我的前端应用程序的请求?
1条答案
按热度按时间u4dcyp6a1#
已修复,已添加
@CrossOrigin(origins = "http://localhost:8080", allowCredentials = "true")
在我的控制器里