代码之家  ›  专栏  ›  技术社区  ›  Johan Du Toit

Reacts前端未将Cookie返回到Springboot后端

  •  0
  • Johan Du Toit  · 技术社区  · 1 年前

    我有一个reactTS+vite+mantine前端和一个Springboot后端。设置如下。
    当我试图使用cookie创建会话时,我似乎无法让前端返回cookie。
    (此外,如果有人知道如何让跨来源的春季会议发挥作用,请联系我。)

    登录功能(提供会话ID)

    @PostMapping("/login")
        public ResponseEntity<User> loginUser(
                @RequestParam(value = "rmbr", defaultValue = "false") boolean rememberMe,
                @RequestBody User user
        ) {
            UserDatabase userDatabase = new UserDatabase();
    
            User returnUser = userDatabase.getUserByUsernameOrEmail(user);
    
            if (returnUser.getUsername() == null || returnUser.getUsername().isEmpty()) {
                return new ResponseEntity<>(returnUser, HttpStatusCode.valueOf(462));
            }
            if (BCrypt.checkpw(user.getPassword(), returnUser.getPassword())) {
                returnUser.setPassword(null);
                UUID sessionId = UUID.randomUUID();
                HttpHeaders responseHeaders = new HttpHeaders();
                responseHeaders.add(HttpHeaders.SET_COOKIE,"SESSIONID=" + userDatabase.createCookie(sessionId.toString(), user, rememberMe));
    
    
                return ResponseEntity
                        .ok()
                        .headers(responseHeaders)
                        .body(returnUser);
            }
            return new ResponseEntity<>(new User(), HttpStatusCode.valueOf(463));
        }
    

    我确实试过使用

    HttpServletResponse response
    

    路由和创建一个cookie对象,我也遇到了同样的问题。

    用于检索会话详细信息的getDetails函数

    @GetMapping("/details")
        public ResponseEntity<User> getUserFromSession(
                @CookieValue("SESSIONID") String sessionId
        ) {
            UserDatabase userDatabase = new UserDatabase();
            User user = userDatabase.getCookieUser(sessionId);
            user.setPassword(null);
            return new ResponseEntity<>(new User(), HttpStatusCode.valueOf(200));
        }
    

    当发出此请求时,控制台会打印出以下内容:

    2023-12-09T11:41:59.960+02:00  WARN 19748 --- [nio-8080-exec-3] .w.s.m.s.DefaultHandlerExceptionResolver : Resolved [org.springframework.web.bind.MissingRequestCookieException: Required cookie 'SESSIONID' for method parameter type String is not present]
    

    前端登录功能

    const handleLogin = async () => {
            const user: User = {
                email: (/^\S+@\S+$/.test(form.values.email) ? form.values.email : ''),
                username: (/^\S+@\S+$/.test(form.values.email) ? '' : form.values.email),
                password: form.values.password,
                profilePhoto: '',
                bio: '',
                role: 'user',
                orgName: ''
            };
            try {
                const response = await fetch( serverIp + 'user/login', {
                    method: 'POST',
                    headers: {'Content-Type': 'application/json'},
                    body: JSON.stringify(user),
                });
                if (response.ok) {
                    login(await response.json())
                    closeModal()
                } else if (response.status == 462) {
                    setErrorMessage('User Does not Exist');
                } else if (response.status == 463) {
                    setErrorMessage('Invalid Password');
                }
            } catch (error) {
                setErrorMessage('Could not connect to server, Please check internet connection')
                console.error('login fetch error', error)
            } finally {
                close()
            }
    
        }
    

    获取web加载的详细信息设置

    const fetchUserDetails = async () => {
            try {
                const response = await fetch(`${serverIp}user/details`, {
                    method: 'GET',
                    credentials: 'include',
                });
    
                if (response.ok) {
                    const user = await response.json();
                    login(user); // Update user details on successful API response
                } else {
                    console.error('No active sessions found for this device');
                }
            } catch (error) {
                console.error('Error fetching user details:', error);
            }
        };
        useEffect(() => {
            fetchUserDetails();
        }, []);
    

    弹簧安全温度配置

    @Bean
        public CorsFilter corsFilter() {
            UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
            CorsConfiguration config = new CorsConfiguration();
            config.setAllowCredentials(true); // Allow credentials (e.g., cookies)
            config.setAllowedOriginPatterns(List.of("*")); // Allow requests from this origin
            config.addAllowedHeader("*"); // Allow all headers
            config.addAllowedMethod("*"); // Allow all HTTP methods
            source.registerCorsConfiguration("/**", config);
            return new CorsFilter(source);
        }
    

    更多详细信息

    我尝试启用所有cookie,还尝试了不同的ip,如localhost和127.0.0.1
    我还制作了hosts和http仅设置为true和false的cookie,

    它适用于邮递员,但不适用于浏览器

    谢谢你抽出时间

    我试过了

    • 在浏览器中启用所有cookie

    • 使用了spring-cookie和httpservletresponse

    • 在邮差工作

    • http only=true

    • http only=false

    • 仅http未设置

    • -1时的最大值

    • 8小时时的最大年龄

    • 设置域

    • 设置路径

    • 不同的url,如localhost和127.0.0.1

    0 回复  |  直到 1 年前
        1
  •  0
  •   Johan Du Toit    1 年前

    我得到了解决方案,您需要为具有传入cookie的请求允许凭据