当我在使用axios发送跨域请求时,发现请求的响应头中虽然设置的Authorization但是还是获取不到,axios请代码如下:
export async function login(user){
var response = await axios.post(server_url+"/api-user/login",user);
return response;
}
调用如下:
login(this.ruleForm).then(res=>{
console.log(res);
console.log("token="+res.headers.authorization)
})
后台代码如下:
@RestController
@RequestMapping("/api-user")
@CrossOrigin(origins = {"http://localhost:8081"},allowCredentials="true")
public class AdUserController {
private Logger logger = LoggerFactory.getLogger(AdUserController.class);
@Autowired
private AdUserService adUserService;
@Autowired
private JwtUtil jwtUtil;
// 列出所有后台用户
@GetMapping("listAllUsers")
public ResponseResult listAllUsers(){
logger.info("listAllUsers-----------");
List<AdUser> users = adUserService.listAllUsers();
return ResponseResult.ok(users);
}
// 登录
@PostMapping("login")
@PassLogin
public ResponseResult login(@RequestBody AdUser user,HttpServletResponse response){
logger.info("login--------"+user.getUsername()+","+user.getPassword());
AdUser adUser = adUserService.login(user);
if(adUser == null){
logger.error("登录失败");
return ResponseResult.forbidden().setMsg("用户名或密码错误");
}
//签发token
String token = jwtUtil.createToken(adUser.getUserId().toString());
logger.info("签发的token:"+token);
//token存入响应头
response.setHeader("Authorization","Bearer "+token);
return ResponseResult.ok(adUser);
}
}
结果打印发现headers中没有Authorization:
解决办法
只需要在response.setHeader前加上如下代码即可:
response.addHeader("Access-Control-Expose-Headers","Authorization");
再次请求,效果如下:
