'commit'

3 months ago · db4cca2f5a
parent 3e0e717138
commit db4cca2f5a
5 changed files with 87 additions and 17 deletions
--- a/dsGw/src/main/java/com/dsideal/gw/Config/GatewayConfig.java
+++ b/dsGw/src/main/java/com/dsideal/gw/Config/GatewayConfig.java
@ -1,10 +1,10 @@
 package com.dsideal.gw.Config;

+import com.dsideal.gw.GwApplication;
 import com.jfinal.kit.Prop;
-import com.jfinal.kit.PropKit;

 public class GatewayConfig {
-    private static final Prop prop = PropKit.use("gateway-config.txt");
+    private static final Prop prop = GwApplication.PropKit;

    // 超时配置
    public static final int CONNECT_TIMEOUT = prop.getInt("gateway.timeout.connect", 10000);
@ -17,5 +17,7 @@ public class GatewayConfig {

    // 安全配置
    public static final String[] ALLOWED_ORIGINS = prop.get("gateway.security.cors.allowed-origins", "*").split(",");
-    public static final String[] ALLOWED_METHODS = prop.get("gateway.security.cors.allowed-methods", "GET,POST").split(",");
-}
+    public static final String[] ALLOWED_METHODS = prop.get("gateway.security.cors.allowed-methods", "GET,POST,OPTIONS").split(",");
+    public static final String[] ALLOWED_HEADERS = prop.get("gateway.security.cors.allowed-headers", "Content-Type,Authorization,Cookie").split(",");
+    public static final boolean ALLOW_CREDENTIALS = prop.getBoolean("gateway.security.cors.allow-credentials", true);
+    public static final int MAX_AGE = prop.getInt("gateway.security.cors.max-age", 3600);}
--- a/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java
+++ b/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java
@ -53,6 +53,12 @@ public class RouterHandler extends Handler {
    @Override
    public void handle(String target, HttpServletRequest req, HttpServletResponse res, boolean[] isHandled) {
        try {
+            // 处理OPTIONS请求
+            if (req.getMethod().equals("OPTIONS")) {
+                handleOptionsRequest(res, isHandled);
+                return;
+            }
+
            String servletPath = req.getServletPath();
            String queryString = req.getQueryString();

@ -103,6 +109,36 @@ public class RouterHandler extends Handler {
        }
    }

+    // 处理OPTIONS请求
+    private void handleOptionsRequest(HttpServletResponse res, boolean[] isHandled) {
+        addCorsHeaders(res);
+        res.setStatus(HttpServletResponse.SC_OK);
+        isHandled[0] = true;
+    }
+
+    // 添加CORS头信息
+    private void addCorsHeaders(HttpServletResponse res) {
+        // 设置允许的源
+        for (String origin : GatewayConfig.ALLOWED_ORIGINS) {
+            if ("*".equals(origin)) {
+                res.setHeader("Access-Control-Allow-Origin", "*");
+                break;
+            }
+        }
+
+        // 设置允许的方法
+        res.setHeader("Access-Control-Allow-Methods", String.join(",", GatewayConfig.ALLOWED_METHODS));
+
+        // 设置允许的头信息
+        res.setHeader("Access-Control-Allow-Headers", String.join(",", GatewayConfig.ALLOWED_HEADERS));
+
+        // 设置是否允许发送Cookie
+        res.setHeader("Access-Control-Allow-Credentials", String.valueOf(GatewayConfig.ALLOW_CREDENTIALS));
+
+        // 设置预检请求的缓存时间
+        res.setHeader("Access-Control-Max-Age", String.valueOf(GatewayConfig.MAX_AGE));
+    }
+
    // 处理GET请求
    private void handleGetRequest(HttpServletRequest req, HttpServletResponse res,
                                  boolean[] isHandled, String forwardUrl, String queryString) {
@ -269,7 +305,9 @@ public class RouterHandler extends Handler {

    // 渲染JSON响应
    private void renderJson(HttpServletResponse res, String body) {
-        res.setHeader("Access-Control-Allow-Origin", "*");
+        // 添加CORS头信息
+        addCorsHeaders(res);
+
        res.setHeader("Cache-Control", "no-cache");
        res.setCharacterEncoding("UTF-8");
        res.setContentType(Constants.CONTENT_TYPE_JSON);
--- a/dsGw/src/main/resources/application_dev.yaml
+++ b/dsGw/src/main/resources/application_dev.yaml
@ -19,6 +19,27 @@ redis:
  ip: 10.10.14.14
  port: 18890

+# 网关配置
+gateway:
+  # 超时配置（毫秒）
+  timeout:
+    connect: 10000
+    read: 30000
+    write: 30000
+
+  # 连接池配置
+  connection:
+    max: 5
+    keep-alive: 300
+
+  # 安全配置
+  security:
+    cors:
+      allowed-origins: "*"  # 或者具体的域名列表，如 "http://localhost:8080,https://your-domain.com"
+      allowed-methods: "GET,POST,OPTIONS"
+      allowed-headers: "Content-Type,Authorization,Cookie"
+      allow-credentials: true
+      max-age: 3600
 # 白名单
 whitelist:
  # 全局变量获取
--- a/dsGw/src/main/resources/application_pro.yaml
+++ b/dsGw/src/main/resources/application_pro.yaml
@ -17,6 +17,27 @@ redis:
  ip: 10.10.14.14
  port: 18890

+# 网关配置
+gateway:
+  # 超时配置（毫秒）
+  timeout:
+    connect: 10000
+    read: 30000
+    write: 30000
+
+  # 连接池配置
+  connection:
+    max: 5
+    keep-alive: 300
+
+  # 安全配置
+  security:
+    cors:
+      allowed-origins: "*"  # 或者具体的域名列表，如 "http://localhost:8080,https://your-domain.com"
+      allowed-methods: "GET,POST,OPTIONS"
+      allowed-headers: "Content-Type,Authorization,Cookie"
+      allow-credentials: true
+      max-age: 3600
 # 白名单
 whitelist:
  # 全局变量获取
--- a/dsGw/src/main/resources/gateway-config.txt
+++ b/dsGw/src/main/resources/gateway-config.txt
@ -1,12 +0,0 @@
-# 超时配置
-gateway.timeout.connect=10000
-gateway.timeout.read=30000
-gateway.timeout.write=30000
-
-# 连接池配置
-gateway.connection.max=5
-gateway.connection.keep-alive=300
-
-# 安全配置
-gateway.security.cors.allowed-origins=*
-gateway.security.cors.allowed-methods=GET,POST