修正接口

2025-11-16 01:49:47 +08:00 · 2025-11-16 01:49:47 +08:00 · 0036540fcd
commit 0036540fcd
parent 06bb112c7f
5 changed files with 53 additions and 17 deletions
--- a/ruoyi-ui/src/views/login.vue
+++ b/ruoyi-ui/src/views/login.vue
@ -1,6 +1,6 @@
 <template>
  <div class="login">
-    <el-form ref="loginForm" :model="loginForm" :rules="loginRules" class="login-form">
+    <el-form ref="loginForm" :model="loginForm" :rules="loginRules" :class="['login-form', { 'admin-mode': isAdminMode }]">
      <h1 style="text-align: center; color: #1890ff;">心理健康测评系统</h1>
      <h3 class="title">{{ isAdminMode ? '管理员登录' : '学员登录' }}</h3>

@ -341,6 +341,9 @@ export default {
  padding: 25px 25px 5px 25px;
  z-index: 1;
  border: 1px solid #dcdfe6;
+  &.admin-mode {
+    border: 1px solid #606266;
+  }
  .el-input {
    height: 38px;
    input {
@ -410,13 +413,13 @@ export default {
  display: block;
 }
 .admin-login-link {
-  color: #409EFF;
+  color: #a4b2c0;
  font-size: 16px;
  font-weight: bold;
  text-decoration: none;
  display: inline-block;
-  padding: 6px 20px;
-  border: 2px solid #409EFF;
+  padding: 3px 20px;
+  border: 1px solid #9aaec2;
  border-radius: 4px;
  transition: all 0.3s;
  cursor: pointer;
--- a/ry-xinli-framework/src/main/java/com/ddnai/framework/config/ResourcesConfig.java
+++ b/ry-xinli-framework/src/main/java/com/ddnai/framework/config/ResourcesConfig.java
@ -55,12 +55,19 @@ public class ResourcesConfig implements WebMvcConfigurer
    public CorsFilter corsFilter()
    {
        CorsConfiguration config = new CorsConfiguration();
-        // 设置访问源地址
+        // 设置访问源地址（使用 addAllowedOriginPattern 支持通配符）
+        // 注意：如果设置了 allowCredentials(true)，则不能使用 "*"，必须指定具体源地址
        config.addAllowedOriginPattern("*");
        // 设置访问源请求头
        config.addAllowedHeader("*");
        // 设置访问源请求方法
        config.addAllowedMethod("*");
+        // 允许发送凭证信息（cookies等）
+        // 注意：当使用通配符 "*" 时，allowCredentials 必须为 false
+        // 如果需要发送凭证，请使用 addAllowedOrigin 指定具体源地址，如：
+        // config.addAllowedOrigin("http://1.15.149.240:20001");
+        // config.setAllowCredentials(true);
+        config.setAllowCredentials(false);
        // 有效期 1800秒
        config.setMaxAge(1800L);
        // 添加映射路径，拦截一切请求
--- a/ry-xinli-framework/src/main/java/com/ddnai/framework/config/SecurityConfig.java
+++ b/ry-xinli-framework/src/main/java/com/ddnai/framework/config/SecurityConfig.java
@ -15,7 +15,6 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.security.web.authentication.logout.LogoutFilter;
 import org.springframework.security.web.firewall.HttpFirewall;
 import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.web.filter.CorsFilter;
@ -134,8 +133,10 @@ public class SecurityConfig
            // 注解标记允许匿名访问的url
            .authorizeHttpRequests((requests) -> {
                permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
-                // 对于登录login 学员登录student/login 注册register 验证码captchaImage 允许匿名访问
-                requests.antMatchers("/login", "/student/login", "/register", "/captchaImage").permitAll()
+                // OPTIONS 预检请求允许匿名访问（CORS 需要）
+                requests.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+                    // 对于登录login 学员登录student/login 注册register 验证码captchaImage 退出logout 允许匿名访问
+                    .antMatchers("/login", "/student/login", "/register", "/captchaImage", "/logout").permitAll()
                    // API接口，可匿名访问
                    .antMatchers("/api/**").permitAll()
                    // 静态资源，可匿名访问
@ -144,10 +145,10 @@ public class SecurityConfig
                    // 除上面外的所有请求全部需要鉴权认证
                    .anyRequest().authenticated();
            })
+            // 添加CORS filter（最前面，处理跨域，必须在所有其他过滤器之前）
+            .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
            // 添加Logout filter
            .logout(logout -> logout.logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler))
-            // 添加CORS filter（最前面，处理跨域）
-            .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
            // 添加JWT filter
            .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
            .build();
--- a/ry-xinli-framework/src/main/java/com/ddnai/framework/security/filter/SystemDisabledFilter.java
+++ b/ry-xinli-framework/src/main/java/com/ddnai/framework/security/filter/SystemDisabledFilter.java
@ -49,6 +49,7 @@ public class SystemDisabledFilter extends OncePerRequestFilter
        "/register",
        "/captchaImage",
        "/student/login",
+        "/logout",
        "/system/config/configKey/sys.system.disabled",
        "/system/config/configKey/sys.system.expireDate",
        "/system/config/configKey/sys.system.disabledMessage",
--- a/ry-xinli-framework/src/main/java/com/ddnai/framework/security/handle/LogoutSuccessHandlerImpl.java
+++ b/ry-xinli-framework/src/main/java/com/ddnai/framework/security/handle/LogoutSuccessHandlerImpl.java
@ -38,6 +38,24 @@ public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler
    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
            throws IOException, ServletException
+    {
+        // 设置 CORS 响应头，解决跨域问题
+        String origin = request.getHeader("Origin");
+        if (origin != null)
+        {
+            response.setHeader("Access-Control-Allow-Origin", origin);
+        }
+        else
+        {
+            response.setHeader("Access-Control-Allow-Origin", "*");
+        }
+        response.setHeader("Access-Control-Allow-Credentials", "false");
+        response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
+        response.setHeader("Access-Control-Allow-Headers", "*");
+        response.setHeader("Access-Control-Max-Age", "1800");
+        
+        // 尝试获取登录用户信息，如果获取失败（例如token已过期或无效），也允许退出
+        try
        {
            LoginUser loginUser = tokenService.getLoginUser(request);
            if (StringUtils.isNotNull(loginUser))
@ -48,6 +66,12 @@ public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler
                // 记录用户退出日志
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
            }
+        }
+        catch (Exception e)
+        {
+            // 获取用户信息失败（例如token已过期），仍然允许退出，只是不删除token和记录日志
+            // 这种情况通常发生在token已过期但用户仍然点击退出按钮的场景
+        }
        ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.success(MessageUtils.message("user.logout.success"))));
    }
 }