環境:php
前端 vue ip地址:192.168.1.205前端
後端 springboot2.0 ip地址:192.168.1.217vue
主要開發後端。java
問題:jquery
首先登錄成功時將用戶存在session中,後續請求在將用戶從session中取出檢查。後續請求取出的用戶都爲null。ios
解決過程:web
首先發現sessionID不一致,致使每一次都是新的會話,固然不可能存在用戶了。而後發現cookie瀏覽器不能自動保存,服務器響應set-cookie了ajax
搜索問題,發現跨域,服務器響應的setCookie瀏覽器沒法保存,並且就算保存了域名不一樣也不能攜帶。spring
第一步:json
後臺添加過濾器,由於先後端分離,不可能每一個方法都寫一遍,因此添加過濾器統一處理。
package com.test.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebFilter(urlPatterns = "/*", filterName = "CORSFilter") public class CORSFilter implements Filter { @Override public void destroy() { } /** * 此過濾器只是處理跨域問題 * @param servletRequest * @param servletResponse * @param chain * @throws ServletException * @throws IOException */ @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws ServletException, IOException { HttpServletRequest req = (HttpServletRequest) servletRequest; HttpServletResponse resp = (HttpServletResponse) servletResponse; String origin = req.getHeader("Origin"); if(origin == null) { origin = req.getHeader("Referer"); } resp.setHeader("Access-Control-Allow-Origin", origin);//這裏不能寫*,*表明接受全部域名訪問,如寫*則下面一行代碼無效。謹記 resp.setHeader("Access-Control-Allow-Credentials", "true");//true表明容許攜帶cookie chain.doFilter(servletRequest,servletResponse); } @Override public void init(FilterConfig filterConfig) throws ServletException { } }
springboot2.配置過濾器時,啓動類必須加上@ServletComponentScan纔會加載過濾器
@SpringBootApplication @EnableTransactionManagement(order = 10) @ServletComponentScan public class Application { public static void main(String[] args) { SpringApplication.run(Application.class, args); } }
而後前端配置
使用vue.resource發送請求時配置以下:
main.js中 Vue.http.options.xhr = { withCredentials: true }
使用vue.axios發送請求時配置以下: axios.defaults.withCredentials = true; jquery請求帶上 xhrFields: {withCredentials: true}, crossDomain: true; $.ajax({ type: "post", url: "", xhrFields: {withCredentials: true}, crossDomain: true, data: {username:$("#username").val()}, dataType: "json", success: function(data){ } });
此時問題已解決。
但我查看請求時,仍是沒有帶cookie,太糾結於這一點了。以致於查看所有cookie時忽然明白了。
沒有帶cookie。
瀏覽器所有cookie
已經有服務器的cookie了。當向服務器發送請求時,會攜帶cookie,證實是同一會話。
發現火狐的請求頭中存在cookie,不知道爲何谷歌的請求頭不顯示,不明白。望解答。
參考文章:
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Set-Cookie
https://brockallen.com/2012/06/28/cors-support-in-webapi-mvc-and-iis-with-thinktecture-identitymodel/
https://blog.csdn.net/czhphp/article/details/65628977
https://blog.csdn.net/liyuling52011/article/details/80013725
https://blog.csdn.net/lililidahaoren/article/details/79566968
https://blog.csdn.net/zhouziyu2011/article/details/61200943
https://blog.csdn.net/onion_ye/article/details/78226237
https://segmentfault.com/q/1010000007643919
https://segmentfault.com/a/1190000009208644?utm_source=tag-newest
https://blog.csdn.net/h1059141989/article/details/83787791
https://segmentfault.com/q/1010000011994975
https://blog.csdn.net/qa60014359/article/details/86511588