设置过滤器的优先级

fiveep-service/src/main/java/com/bizmatics/service/config/CorsFilter.java

@@ -1,33 +0,0 @@
-package com.bizmatics.service.config;
-
-import org.elasticsearch.rest.RestRequest;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * @author yq
- * @date 2021/7/26 13:58
- */
-@Configuration
-public class CorsFilter extends OncePerRequestFilter {
-
-    @Override
-    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
-        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
-        httpServletResponse.setHeader("Access-Control-Allow-Methods",
-                "POST, GET, OPTIONS, DELETE");
-        httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
-        httpServletResponse.setHeader("Access-Control-Allow-Headers",
-                "Content-Type, x-requested-with, X-Custom-Header, Request-Ajax");//允许自定义的请求头
-        if(httpServletRequest.getMethod().toUpperCase().equals(RestRequest.Method.OPTIONS.name())){
-            return;
-        }
-        filterChain.doFilter(httpServletRequest, httpServletResponse);
-    }
-}

fiveep-service/src/main/java/com/bizmatics/service/config/SessionFilter.java

@@ -5,11 +5,13 @@ import com.bizmatics.common.core.exception.BusinessException;
 import com.bizmatics.model.User;
 import com.bizmatics.service.util.SessionLocal;
 import lombok.extern.slf4j.Slf4j;
+import org.elasticsearch.rest.RestRequest;
 import org.springframework.stereotype.Component;
 
 import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.util.Collections;
@@ -31,7 +33,19 @@ public class SessionFilter implements Filter {
 
     @Override
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
+        HttpServletResponse  httpServletResponse = (HttpServletResponse)servletResponse;
         HttpServletRequest request = (HttpServletRequest)servletRequest;
+        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
+        httpServletResponse.setHeader("Access-Control-Allow-Methods",
+                "POST, GET, OPTIONS, DELETE");
+        httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
+//        httpServletResponse.setHeader("Access-Control-Allow-Headers",
+//                "Content-Type, x-requested-with, X-Custom-Header, Request-Ajax");//允许自定义的请求头
+        httpServletResponse.setHeader("Access-Control-Allow-Headers", "*");
+        if(request.getMethod().toUpperCase().equals(RestRequest.Method.OPTIONS.name())){
+            return;
+        }
+
         String path = request.getRequestURI().substring(request.getContextPath().length()).replaceAll("[/]+$", "");
         boolean allowedPath = ALLOWED_PATHS.contains(path);
         if (!allowedPath){