后端项目我使用了.net core 7.0 我还在用户端使用了 React 我按照文档进行了所有设置。但我得到一个错误: 从来源“http://x.x.x.x:1400”访问位于“http://x.x.x.x:1402/api/auth/login”的 XMLHttpRequest 已被 CORS 策略阻止:不存在“Access-Control-Allow-Origin”标头在请求的资源上。 我的 Startup.cs 类:
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
// Add for Remove null fields from API JSON response
services.AddMvc()
.AddJsonOptions(options =>
{
options.JsonSerializerOptions.DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull;
});
// AddAutoMapper
services.AddAutoMapper(typeof(Startup));
services.AddControllers(config =>
{
config.Filters.Add(new ApiExceptionFilter());
config.Filters.Add(new ApiActionFilter());
config.Filters.Add(new ApiResultFilter());
});
ServiceRegistration.AddInfrastructure(services);
string key = "xxxxxxxxxx";
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
{
ValidateIssuerSigningKey = true,
ValidateIssuer = false,
ValidateAudience = false,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(key)),
ValidAudience = Configuration["Tokens:Audience"],
ValidIssuer = Configuration["Tokens:Issuer"],
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
});
services.AddSingleton<IJwtAuth>(new Auth.Auth(key));
services.AddSwaggerGen(c =>
{
OpenApiSecurityScheme jwtSecurityScheme = new OpenApiSecurityScheme
{
Scheme = "bearer",
BearerFormat = "JWT",
Name = "JWT Authentication",
In = ParameterLocation.Header,
Type = SecuritySchemeType.Http,
Reference = new OpenApiReference
{
Id = JwtBearerDefaults.AuthenticationScheme,
Type = ReferenceType.SecurityScheme
}
};
c.SwaggerDoc("v1", new OpenApiInfo
{
Version = "v1",
});
c.AddSecurityDefinition(jwtSecurityScheme.Reference.Id, jwtSecurityScheme);
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{ jwtSecurityScheme, Array.Empty<string>() }
});
string xmlFilename = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
c.IncludeXmlComments(Path.Combine(AppContext.BaseDirectory, xmlFilename));
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
// My Custom Middleware
app.UseMainMiddleware();
app.UseCors(
options => options
.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin()
);
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
//app.UseMvc();
}
}