Merge pull request #26 from lumijiez/front-v2
Fixed CORS policies
This commit was merged in pull request #26.
@@ -1,14 +0,0 @@
|
|||||||
package com.faf223.expensetrackerfaf.config;
|
|
||||||
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
|
||||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|
||||||
|
|
||||||
@Configuration
|
|
||||||
public class CorsConfig implements WebMvcConfigurer {
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void addCorsMappings(CorsRegistry registry) {
|
|
||||||
registry.addMapping("/**").allowedMethods("*");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,39 +0,0 @@
|
|||||||
package com.faf223.expensetrackerfaf.config;
|
|
||||||
|
|
||||||
import jakarta.servlet.*;
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
|
||||||
import org.springframework.core.Ordered;
|
|
||||||
import org.springframework.core.annotation.Order;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
|
|
||||||
@Component
|
|
||||||
@Order(Ordered.HIGHEST_PRECEDENCE)
|
|
||||||
public class CorsFilter implements Filter {
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void destroy() {
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
|
||||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
|
||||||
response.setHeader("Access-Control-Allow-Origin", "*");
|
|
||||||
response.setHeader("Access-Control-Allow-Credentials", "true");
|
|
||||||
response.setHeader("Access-Control-Allow-Methods", "POST, GET, HEAD, OPTIONS");
|
|
||||||
response.setHeader("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers");
|
|
||||||
if ("OPTIONS".equalsIgnoreCase(((HttpServletRequest) servletRequest).getMethod())) {
|
|
||||||
response.setStatus(HttpServletResponse.SC_OK);
|
|
||||||
} else {
|
|
||||||
filterChain.doFilter(servletRequest, response);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void init(FilterConfig config) {
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -22,6 +22,13 @@ import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
|
|||||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||||
|
import org.springframework.web.cors.CorsConfiguration;
|
||||||
|
import org.springframework.web.cors.CorsConfigurationSource;
|
||||||
|
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||||
|
|
||||||
|
import java.util.Arrays;
|
||||||
|
|
||||||
|
import static org.springframework.security.config.Customizer.withDefaults;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@@ -35,6 +42,7 @@ public class SecurityConfiguration {
|
|||||||
@Bean
|
@Bean
|
||||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
|
.cors(Customizer.withDefaults())
|
||||||
.csrf(AbstractHttpConfigurer::disable)
|
.csrf(AbstractHttpConfigurer::disable)
|
||||||
.authorizeHttpRequests(auth -> auth
|
.authorizeHttpRequests(auth -> auth
|
||||||
.requestMatchers("/api/v1/auth/**").permitAll()
|
.requestMatchers("/api/v1/auth/**").permitAll()
|
||||||
@@ -46,4 +54,16 @@ public class SecurityConfiguration {
|
|||||||
return http.build();
|
return http.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public CorsConfigurationSource corsConfigurationSource() {
|
||||||
|
CorsConfiguration configuration = new CorsConfiguration();
|
||||||
|
configuration.setAllowedOrigins(Arrays.asList("*"));
|
||||||
|
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
|
||||||
|
configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token"));
|
||||||
|
configuration.setExposedHeaders(Arrays.asList("x-auth-token"));
|
||||||
|
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
||||||
|
source.registerCorsConfiguration("/**", configuration);
|
||||||
|
return source;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
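Review bot: `corsConfigurationSource()` registers `setAllowedOrigins(Arrays.asList("*"))` for `/**` while also allowing the `authorization` and `x-auth-token` request headers and exposing `x-auth-token`, so a page served from any origin is permitted to call every endpoint and read the responses, including the exposed token header. The front-end origin is known (the controllers in this commit name `http://localhost:5173`), so this should be an explicit allow-list, e.g. `configuration.setAllowedOrigins(Arrays.asList("http://localhost:5173"));`, ideally read from a per-environment configuration property. An explicit list also matters if `setAllowCredentials(true)` is added later, since Spring rejects that setting combined with `"*"`. The added static import of `withDefaults` looks unused, because the chain calls `Customizer.withDefaults()` by its qualified name.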
|
|||||||
@@ -25,6 +25,7 @@ import java.util.stream.Collectors;
|
|||||||
@RestController
|
@RestController
|
||||||
@RequestMapping("/expenses")
|
@RequestMapping("/expenses")
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
|
@CrossOrigin(origins = "http://localhost:5173")
|
||||||
public class ExpenseController {
|
public class ExpenseController {
|
||||||
|
|
||||||
private final ExpenseService expenseService;
|
private final ExpenseService expenseService;
|
||||||
@@ -60,6 +61,7 @@ public class ExpenseController {
|
|||||||
return ResponseEntity.notFound().build();
|
return ResponseEntity.notFound().build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// TODO: has to be checked on auto extracting Uuid
|
// TODO: has to be checked on auto extracting Uuid
|
||||||
@PatchMapping()
|
@PatchMapping()
|
||||||
public ResponseEntity<ExpenseDTO> updateExpense(@RequestBody ExpenseCreationDTO expenseDTO,
|
public ResponseEntity<ExpenseDTO> updateExpense(@RequestBody ExpenseCreationDTO expenseDTO,
|
||||||
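Review bot: The `@CrossOrigin(origins = "http://localhost:5173")` added on `ExpenseController` hard-codes a development origin in the class, and the same annotation is repeated on `IncomeController` and `UserController` in this commit. With the global `CorsConfigurationSource` bean from this commit enabled through `.cors(...)`, the per-controller copies become a second policy to keep in sync and presumably do not restrict anything the wildcard global policy already allows. I would drop the three annotations and keep the allowed origin in one place, driven by a property, for example `@Value("${app.cors.allowed-origins}")` in the security configuration (the property name is a placeholder).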
|
|||||||
@@ -25,6 +25,7 @@ import java.util.stream.Collectors;
|
|||||||
@RestController
|
@RestController
|
||||||
@RequestMapping("/incomes")
|
@RequestMapping("/incomes")
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
|
@CrossOrigin(origins = "http://localhost:5173")
|
||||||
public class IncomeController {
|
public class IncomeController {
|
||||||
|
|
||||||
private final IncomeService incomeService;
|
private final IncomeService incomeService;
|
||||||
|
|||||||
@@ -19,6 +19,7 @@ import java.util.ArrayList;
|
|||||||
@RestController
|
@RestController
|
||||||
@RequestMapping("/users")
|
@RequestMapping("/users")
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
|
@CrossOrigin(origins = "http://localhost:5173")
|
||||||
public class UserController {
|
public class UserController {
|
||||||
|
|
||||||
private final UserService userService;
|
private final UserService userService;
|
||||||
|
|||||||
@@ -15,6 +15,7 @@
|
|||||||
onMount(() => {
|
onMount(() => {
|
||||||
if (getCookie('access_token') === null) {
|
if (getCookie('access_token') === null) {
|
||||||
window.location.href = '/auth/login';
|
window.location.href = '/auth/login';
|
||||||
|
console.log("no token");
|
||||||
}
|
}
|
||||||
|
|
||||||
const token = getCookie('access_token');
|
const token = getCookie('access_token');
|
||||||
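Review bot: The added `console.log("no token");` is debug output, and it sits in a branch that sets `window.location.href = '/auth/login'` without leaving the callback, so execution falls through to `const token = getCookie('access_token');` with a null token while the navigation is pending. Replace the log with `return;` so nothing below runs for an unauthenticated visitor. The rest of the `onMount` callback is outside the hunk, so whether the later code tolerates a null token cannot be confirmed from here.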
|
|||||||
@@ -57,7 +57,6 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
#expenseList {
|
#expenseList {
|
||||||
margin-top: 10px;
|
|
||||||
scrollbar-width: none;
|
scrollbar-width: none;
|
||||||
flex: 1;
|
flex: 1;
|
||||||
border-radius: 10px;
|
border-radius: 10px;
|
||||||
|
|||||||
@@ -57,7 +57,6 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
#incomeList {
|
#incomeList {
|
||||||
margin-top: 10px;
|
|
||||||
scrollbar-width: none;
|
scrollbar-width: none;
|
||||||
flex: 1;
|
flex: 1;
|
||||||
border-radius: 10px;
|
border-radius: 10px;
|
||||||
|
|||||||
@@ -63,7 +63,7 @@
|
|||||||
<div id="exp">
|
<div id="exp">
|
||||||
<div id="optionField">
|
<div id="optionField">
|
||||||
<h2>Expenses</h2>
|
<h2>Expenses</h2>
|
||||||
<div id="openModal" class="plus-button" role="button" tabindex="1" on:click={() => (showModal = true)} on:keydown={() => console.log("keydown")}>
|
<div id="openModal" class="plus-button" role="button" tabindex="0" on:click={() => (showModal = true)} on:keydown={() => console.log("keydown")}>
|
||||||
+
|
+
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
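Review bot: Moving the `#openModal` div to `tabindex="0"` puts it in the normal tab order, but its `on:keydown` handler still only calls `console.log("keydown")`, so a keyboard user can focus the control and cannot open the modal. Either handle Enter and Space, `on:keydown={(e) => (e.key === 'Enter' || e.key === ' ') && (showModal = true)}`, or use a real `<button>` element, which provides focus and key activation natively. The same applies to the Incomes control changed in the `@@ -95,7 +95,7 @@` hunk.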
|
|||||||
@@ -95,7 +95,7 @@
|
|||||||
<div id="inc">
|
<div id="inc">
|
||||||
<div id="optionField">
|
<div id="optionField">
|
||||||
<h2>Incomes</h2>
|
<h2>Incomes</h2>
|
||||||
<div id="openModal" class="plus-button" role="button" tabindex="1" on:click={() => (showModal = true)} on:keydown={() => console.log("keydown")}>
|
<div id="openModal" class="plus-button" role="button" tabindex="0" on:click={() => (showModal = true)} on:keydown={() => console.log("keydown")}>
|
||||||
+
|
+
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
<script>
|
<script>
|
||||||
export let showModal; // boolean
|
export let showModal;
|
||||||
|
|
||||||
let dialog; // HTMLDialogElement
|
let dialog;
|
||||||
|
|
||||||
$: if (dialog && showModal) dialog.showModal();
|
$: if (dialog && showModal) dialog.showModal();
|
||||||
</script>
|
</script>
|
||||||
@@ -54,7 +54,4 @@
|
|||||||
opacity: 1;
|
opacity: 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
button {
|
|
||||||
display: block;
|
|
||||||
}
|
|
||||||
</style>
|
</style>
|
||||||
|
|||||||