当我在使用axios发送跨域请求时,发现请求的响应头中虽然设置的Authorization但是还是获取不到,axios请代码如下:
export async function login(user){ var response = await axios.post(server_url+"/api-user/login",user); return response; }
调用如下:
login(this.ruleForm).then(res=>{ console.log(res); console.log("token="+res.headers.authorization) })
后台代码如下:
@RestController @RequestMapping("/api-user") @CrossOrigin(origins = {"http://localhost:8081"},allowCredentials="true") public class AdUserController { private Logger logger = LoggerFactory.getLogger(AdUserController.class); @Autowired private AdUserService adUserService; @Autowired private JwtUtil jwtUtil; // 列出所有后台用户 @GetMapping("listAllUsers") public ResponseResult listAllUsers(){ logger.info("listAllUsers-----------"); List<AdUser> users = adUserService.listAllUsers(); return ResponseResult.ok(users); } // 登录 @PostMapping("login") @PassLogin public ResponseResult login(@RequestBody AdUser user,HttpServletResponse response){ logger.info("login--------"+user.getUsername()+","+user.getPassword()); AdUser adUser = adUserService.login(user); if(adUser == null){ logger.error("登录失败"); return ResponseResult.forbidden().setMsg("用户名或密码错误"); } //签发token String token = jwtUtil.createToken(adUser.getUserId().toString()); logger.info("签发的token:"+token); //token存入响应头 response.setHeader("Authorization","Bearer "+token); return ResponseResult.ok(adUser); } }
结果打印发现headers中没有Authorization:
解决办法
只需要在response.setHeader前加上如下代码即可:
response.addHeader("Access-Control-Expose-Headers","Authorization");