export default {
data() {
return {
uniqueOpened:true,
menulist:[] }
} ,
mounted: function() {
let self = this;
this.$axios.post('http://localhost:8080/test/xxx/xxxx', {}, {
headers: {
"Content-Type":"application/json;charset=utf-8"
},
withCredentials : true
}).then(function(response) {
// 这里是处理正确的回调
let result = response.data.result;
if (0 == result) {
self.menulist = response.data.item.menulist;
} else if (11 == result || 9 == result) {
self.$router.push('/login');
} else {
console.log(response.data);
}
}).catch( function(response) {
// 这里是处理错误的回调
console.log(response)
});
}
}
</script>
<style scoped>
.sidebar{
display: block;
position: absolute;
width: 200px;
left: 0;
top: 70px;
bottom:0;
background: #2E363F;
}
.sidebar > ul {
height:100%;
}
</style>
在后台项目中的登陆拦截器中设置了,接受跨域访问的header,如下:
public class LoginInterceptor extends HandlerInterceptorAdapter { @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
response.setHeader("Access-Control-Allow-Headers", "X-Requested-With, accept, content-type, xxxx");
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH");
response.setHeader("Access-Control-Allow-Origin", "*");
return true;
}
}
现在可以就可以跨域访问了。
2、登陆session获取
因为是后台管理系统,肯定都需要需要登陆,才能用的, 因此我在登陆时保存了session
//登陆成功
session.setAttribute("user", obj);我希望其它请求进来时,在拦截器中判断是否登陆了,是否有权限访问这个请求路径
//拦截器中增加,获取session代码
HttpSession session =request.getSession();
System.out.println("拦截器中的session的id是====" + session.getId());
Object obj = session.getAttribute("user");结果发现,每次ajax跨域访问都是新的session ,每次的sessionID都不一样
在segmentfault上提了一个问题,有人提示需要让ajax请求携带cookie,也就是认证信息,于是在拦截器中,增加了一个需要认证信息的header:
response.setHeader("Access-Control-Allow-Credentials", "true");
