1.后端允许跨域调用,并添加Cookie
@CrossOrigin
@RequestMapping(value="/login", produces = "application/json; charset=utf-8", method=RequestMethod.POST)
@ApiOperation(value = "用户登录")
@ApiImplicitParams({
@ApiImplicitParam(name = "name", value = "用户名", required = true, dataType = "string"),
@ApiImplicitParam(name = "pwd", value = "密码", required = true, dataType = "string")
})
@ApiResponses({
@ApiResponse(code = 200, message = "result", response = result.class)
})
public Object login(HttpServletRequest request,
HttpServletResponse response,
@RequestParam(value="name")String name,
@RequestParam(value="pwd")String pwd) {
System.out.println("login:");
//1.验证
result ret = new result(200, "登录成功", 0, tutil.currMSecs(), null);
//略
//
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
String sSessionId = UUID.randomUUID().toString().replaceAll("-", "");;
Cookie ck = new Cookie(sdpt.SEN_ID, sSessionId);
ck.setPath("/");
ck.setMaxAge(30*1000*60);
response.addCookie(ck);
HttpSession session = request.getSession();
session.setAttribute(sdpt.SEN_ID, sSessionId);
return ret;
}
2.前端允许跨域
form.on('submit(hug_adminLogin)', function(data) {
console.log(data.field)
// 登录
$.ajax({
type: "post",
url: 'http://xx.xxx.xx.xxx:8080/xxxx/syssetup/login',
data: {
name : 'xxxx',
pwd : 'x'
},
dataType: "json",
xhrFields: {
withCredentials:true
},
crossDomain: true,
success: function(res){
console.log(res);
if(res.code == 200){
layer.msg(res.msg);
}else{
layer.msg(res.msg);
}
}
});
})
结果:
结果2
但是在Application里面都没有Cookie,所以下次请求了,也没带上
问题就是怎么才能带上Cookie