feat(blog-backend): 添加开发环境的 cors 兼容

blog-backend/src/main/java/cn/hamster3/application/blog/config/WebConfig.java

@@ -1,6 +1,5 @@
 package cn.hamster3.application.blog.config;
 
-import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.domain.AuditorAware;
@@ -13,7 +12,6 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import java.util.Optional;
 
 @Configuration
-@Slf4j
 public class WebConfig {
     @Bean
     public PasswordEncoder getPasswordEncoder() {
@@ -31,4 +29,5 @@ public class WebConfig {
             return Optional.of(user.getUsername());
         };
     }
+
 }

blog-backend/src/main/java/cn/hamster3/application/blog/config/security/DevSecurityConfiguration.java

@@ -6,6 +6,8 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @Slf4j
 @Configuration
@@ -15,12 +17,29 @@ public class DevSecurityConfiguration {
     SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         log.info("development environment security settings enabled.");
         return http.authorizeHttpRequests(request -> request
-                        .anyRequest().permitAll()
+                .anyRequest().permitAll())
-                ).csrf().disable()
+                .cors().and()
+                .csrf().disable()
                 .formLogin()
                 .and()
                 .httpBasic()
                 .and()
                 .build();
     }
+    
+    @Bean
+    public WebMvcConfigurer corsConfigurer() {
+        log.info("add cors configuration...");
+        return new WebMvcConfigurer() {
+            @Override
+            public void addCorsMappings(CorsRegistry registry) {
+                registry.addMapping("/**")
+                    .allowedOriginPatterns("*")
+                    .allowedMethods("*")
+                    .allowedHeaders("*")
+                    .allowCredentials(true)
+                    .maxAge(3600);
+            }
+        };
+    }
 }

blog-backend/src/main/java/cn/hamster3/application/blog/config/security/SecurityConfiguration.java

@@ -21,8 +21,9 @@ public class SecurityConfiguration {
                 .requestMatchers(HttpMethod.GET, "/register", "/login").permitAll()
                 .requestMatchers(HttpMethod.GET, "/swagger-ui/**", "v3/api-docs/**").permitAll()
                 .requestMatchers(HttpMethod.POST, "/api/v1/user/").anonymous()
-                        .anyRequest().authenticated()
+                .anyRequest().authenticated())
-                ).csrf().disable()
+                .cors().and()
+                .csrf().disable()
                 .formLogin()
                 .and()
                 .httpBasic()

blog-backend/src/main/java/cn/hamster3/application/blog/config/security/UserDetailServiceImpl.java

@@ -3,7 +3,6 @@ package cn.hamster3.application.blog.config.security;
 import cn.hamster3.application.blog.dao.UserRepository;
 import cn.hamster3.application.blog.entity.UserEntity;
 import jakarta.annotation.Resource;
-import org.hibernate.Hibernate;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;

blog-backend/src/main/java/cn/hamster3/application/blog/controller/BlogController.java

@@ -2,6 +2,7 @@ package cn.hamster3.application.blog.controller;
 
 import cn.hamster3.application.blog.entity.BlogEntity;
 import cn.hamster3.application.blog.vo.ResponseVO;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserEntityRepository.java

@@ -1,13 +0,0 @@
-package cn.hamster3.application.blog.dao;
-
-import cn.hamster3.application.blog.entity.BlogEntity;
-import cn.hamster3.application.blog.entity.UserEntity;
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
-
-import java.util.Optional;
-import java.util.UUID;
-
-public interface UserEntityRepository extends JpaRepository<UserEntity, UUID>, JpaSpecificationExecutor<BlogEntity> {
-    Optional<UserEntity> findByEmailOrUsername(String email, String username);
-}

blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserRepository.java

@@ -0,0 +1,19 @@
+package cn.hamster3.application.blog.dao;
+
+import cn.hamster3.application.blog.entity.BlogEntity;
+import cn.hamster3.application.blog.entity.UserEntity;
+import org.springframework.data.jpa.repository.EntityGraph;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
+
+import java.util.Optional;
+import java.util.UUID;
+
+public interface UserRepository extends JpaRepository<UserEntity, UUID>, JpaSpecificationExecutor<BlogEntity> {
+    boolean existsByNicknameIgnoreCase(String nickname);
+
+    boolean existsByEmailIgnoreCase(String email);
+
+    @EntityGraph(attributePaths = {"permissions"})
+    <T> Optional<T> findByEmailOrNicknameAllIgnoreCase(String email, String nickname, Class<T> type);
+}