所以,我的朋友的登录页面出现了问题.当她try 向她的API发出请求时,它只会在前端出错,而在API中什么都不会发生.
这是出现在控制台上的错误: CORS策略已阻止从源"http://localhost:3000"访问位于"http://localhost:8082/login"的XMLHttpRequest:对预检请求的响应未通过访问控制判断:请求的资源上不存在"Check-Control-Allow-Origin"标头. Copyright © 2018 - 2019 www.js.com. All rights reserved.粤ICP备16048888号-1
这是登录端点
@Controller
@CrossOrigin(
origins = "http://localhost:3000",
allowCredentials = "true"
)
@RequestMapping("/login")
public class AuthenticationController {
@Autowired
AuthenticationManager authenticationManager;
private static final Logger logger = LoggerFactory.getLogger(AuthenticationController.class);
@PostMapping
public ResponseEntity<?> login(
@RequestBody Login login,
HttpServletRequest request,
HttpServletResponse response
){
logger.debug("Received login request for username: {}", login.getUsername());
System.out.println("AuthenticationCOntroller");
SecurityContextRepository securityContextRepository = new HttpSessionSecurityContextRepository();
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(login.getUsername(), login.getPassword());
Authentication authentication = authenticationManager.authenticate(token);
if(authentication.isAuthenticated()){
User user = (User) authentication.getPrincipal();
Cookie cookie = CookieUtil.generateCookie(user);
response.addCookie(cookie);
return ResponseEntity.ok(authentication.getPrincipal());
}
}
她试图重构她的所有代码,但登录时仍然出错.