我有一个reactTS+vite+mantine前端和一个Springboot后端。设置如下。
当我试图使用cookie创建会话时,我似乎无法让前端返回cookie。
(此外,如果有人知道如何让跨来源的春季会议发挥作用,请联系我。)
登录功能(提供会话ID)
@PostMapping("/login")
public ResponseEntity<User> loginUser(
@RequestParam(value = "rmbr", defaultValue = "false") boolean rememberMe,
@RequestBody User user
) {
UserDatabase userDatabase = new UserDatabase();
User returnUser = userDatabase.getUserByUsernameOrEmail(user);
if (returnUser.getUsername() == null || returnUser.getUsername().isEmpty()) {
return new ResponseEntity<>(returnUser, HttpStatusCode.valueOf(462));
}
if (BCrypt.checkpw(user.getPassword(), returnUser.getPassword())) {
returnUser.setPassword(null);
UUID sessionId = UUID.randomUUID();
HttpHeaders responseHeaders = new HttpHeaders();
responseHeaders.add(HttpHeaders.SET_COOKIE,"SESSIONID=" + userDatabase.createCookie(sessionId.toString(), user, rememberMe));
return ResponseEntity
.ok()
.headers(responseHeaders)
.body(returnUser);
}
return new ResponseEntity<>(new User(), HttpStatusCode.valueOf(463));
}
我确实试过使用
HttpServletResponse response
路由和创建一个cookie对象,我也遇到了同样的问题。
用于检索会话详细信息的getDetails函数
@GetMapping("/details")
public ResponseEntity<User> getUserFromSession(
@CookieValue("SESSIONID") String sessionId
) {
UserDatabase userDatabase = new UserDatabase();
User user = userDatabase.getCookieUser(sessionId);
user.setPassword(null);
return new ResponseEntity<>(new User(), HttpStatusCode.valueOf(200));
}
当发出此请求时,控制台会打印出以下内容:
2023-12-09T11:41:59.960+02:00 WARN 19748 --- [nio-8080-exec-3] .w.s.m.s.DefaultHandlerExceptionResolver : Resolved [org.springframework.web.bind.MissingRequestCookieException: Required cookie 'SESSIONID' for method parameter type String is not present]
前端登录功能
const handleLogin = async () => {
const user: User = {
email: (/^\S+@\S+$/.test(form.values.email) ? form.values.email : ''),
username: (/^\S+@\S+$/.test(form.values.email) ? '' : form.values.email),
password: form.values.password,
profilePhoto: '',
bio: '',
role: 'user',
orgName: ''
};
try {
const response = await fetch( serverIp + 'user/login', {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify(user),
});
if (response.ok) {
login(await response.json())
closeModal()
} else if (response.status == 462) {
setErrorMessage('User Does not Exist');
} else if (response.status == 463) {
setErrorMessage('Invalid Password');
}
} catch (error) {
setErrorMessage('Could not connect to server, Please check internet connection')
console.error('login fetch error', error)
} finally {
close()
}
}
获取web加载的详细信息设置
const fetchUserDetails = async () => {
try {
const response = await fetch(`${serverIp}user/details`, {
method: 'GET',
credentials: 'include',
});
if (response.ok) {
const user = await response.json();
login(user); // Update user details on successful API response
} else {
console.error('No active sessions found for this device');
}
} catch (error) {
console.error('Error fetching user details:', error);
}
};
useEffect(() => {
fetchUserDetails();
}, []);
弹簧安全温度配置
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true); // Allow credentials (e.g., cookies)
config.setAllowedOriginPatterns(List.of("*")); // Allow requests from this origin
config.addAllowedHeader("*"); // Allow all headers
config.addAllowedMethod("*"); // Allow all HTTP methods
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
}
更多详细信息
我尝试启用所有cookie,还尝试了不同的ip,如localhost和127.0.0.1
我还制作了hosts和http仅设置为true和false的cookie,
它适用于邮递员,但不适用于浏览器
谢谢你抽出时间
我试过了