Add cors configuration support.

2024-02-17 18:16:46 -08:00 · 2024-02-17 18:16:46 -08:00 · 3106b3e94a
parent a829844c1a
commit 3106b3e94a
5 changed files with 25 additions and 3 deletions
--- a/wise-api/src/main/java/com/wisemapping/config/rest/WebConfig.java
+++ b/wise-api/src/main/java/com/wisemapping/config/rest/WebConfig.java
@ -0,0 +1,24 @@
+package com.wisemapping.config.rest;
+
+import org.jetbrains.annotations.NotNull;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+@EnableWebMvc
+public class WebConfig implements WebMvcConfigurer {
+    @Value("${app.security.corsAllowedOrigins:}")
+    private String corsAllowedOrigins;
+
+    @Override
+    public void addCorsMappings(@NotNull CorsRegistry registry) {
+        if (!corsAllowedOrigins.isEmpty()) {
+            registry.addMapping("/api/**")
+                    .allowedOrigins(corsAllowedOrigins).
+                    maxAge(3600);
+        }
+    }
+}
--- a/wise-api/src/main/java/com/wisemapping/rest/AccountController.java
+++ b/wise-api/src/main/java/com/wisemapping/rest/AccountController.java
@ -40,7 +40,6 @@ import java.util.List;
@RestController
@RequestMapping("/api/restful/account")
@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-@CrossOrigin
 public class AccountController extends BaseController {
    @Qualifier("userService")
    @Autowired
--- a/wise-api/src/main/java/com/wisemapping/rest/JwtAuthController.java
+++ b/wise-api/src/main/java/com/wisemapping/rest/JwtAuthController.java
@ -32,7 +32,6 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.web.bind.annotation.*;

@RestController
-@CrossOrigin
@RequestMapping("/api/restful")
 public class JwtAuthController {

--- a/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java
+++ b/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java
@ -48,7 +48,6 @@ import java.util.stream.Collectors;

@RestController
@RequestMapping("/api/restful/maps")
-@CrossOrigin
 public class MindmapController extends BaseController {
    private final Logger logger = LogManager.getLogger();

--- a/wise-api/src/main/resources/application.yml
+++ b/wise-api/src/main/resources/application.yml
@ -71,6 +71,7 @@ app:
  # Redirect to this url, this url must be configured in the google app {baseurl}/c/registration-google
  #security.oauth2.google.callbackUrl=<oauth callback url>
  security:
+    corsAllowedOrigins: https://dev.wisemapping.com
    oauth2:
      google:
        confirmUrl: https://oauth2.googleapis.com/token