api-module/src/main/java/com/tzld/piaoquan/api/config/JwtInterceptor.java

@@ -42,14 +42,22 @@ public class JwtInterceptor implements HandlerInterceptor {
 
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+
+        if (HttpMethod.OPTIONS.name().equals(request.getMethod())) {
+            response.setStatus(HttpServletResponse.SC_OK);
+            response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
+            response.setHeader("Access-Control-Allow-Credentials", "true");
+            response.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
+            response.setHeader("Access-Control-Allow-Headers", "Content-Type,token,Authorization");
+            response.setHeader("Access-Control-Max-Age", "3600");
+            return true;
+        }
+
         if ((StringUtils.isNotBlank(request.getRequestURI()) && request.getRequestURI().contains("auth")) ||
                 (Objects.nonNull(request.getRequestURL()) && request.getRequestURL().toString().contains("auth"))
         ) {
             return Boolean.TRUE;
         }
-        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
-            return Boolean.TRUE;
-        }
         // 忽略带JwtIgnore注解的请求, 不做后续token认证校验
         if (handler instanceof HandlerMethod) {
             HandlerMethod handlerMethod = (HandlerMethod) handler;
@@ -58,10 +66,6 @@ public class JwtInterceptor implements HandlerInterceptor {
                 return Boolean.TRUE;
             }
         }
-        if (HttpMethod.OPTIONS.name().equals(request.getMethod())) {
-            response.setStatus(HttpServletResponse.SC_OK);
-            return true;
-        }
         String uri = request.getServletPath();
         if (this.exclude(uri)) {
             //放行excludePaths包含的目录路径和excludeUris包含的URI