Enhance CORS configuration and WebSocket origin settings to include additional localhost ports. Improve error handling in SftpController and SftpView for better debugging and user feedback.

2026-02-04 11:47:08 +08:00
parent 1aefc14e42
commit b82ea1919e
5 changed files with 32 additions and 8 deletions
--- a/backend/src/main/java/com/sshmanager/config/SecurityConfig.java
+++ b/backend/src/main/java/com/sshmanager/config/SecurityConfig.java
@@ -62,7 +62,10 @@ public class SecurityConfig {
    @Bean
    public CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration config = new CorsConfiguration();
-        config.setAllowedOrigins(Arrays.asList("http://localhost:5173", "http://127.0.0.1:5173"));
+        config.setAllowedOrigins(Arrays.asList(
+            "http://localhost:5173", "http://127.0.0.1:5173",
+            "http://localhost:48080", "http://127.0.0.1:48080"
+        ));
        config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS"));
        config.setAllowedHeaders(Arrays.asList("*"));
        config.setAllowCredentials(true);
--- a/backend/src/main/java/com/sshmanager/config/WebSocketConfig.java
+++ b/backend/src/main/java/com/sshmanager/config/WebSocketConfig.java
@@ -23,6 +23,9 @@ public class WebSocketConfig implements WebSocketConfigurer {
    public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
        registry.addHandler(terminalWebSocketHandler, "/ws/terminal")
            .addInterceptors(terminalHandshakeInterceptor)
-            .setAllowedOrigins("http://localhost:5173", "http://127.0.0.1:5173");
+            .setAllowedOrigins(
+                "http://localhost:5173", "http://127.0.0.1:5173",
+                "http://localhost:48080", "http://127.0.0.1:48080"
+            );
    }
 }
--- a/backend/src/main/java/com/sshmanager/controller/SftpController.java
+++ b/backend/src/main/java/com/sshmanager/controller/SftpController.java
@@ -6,6 +6,8 @@ import com.sshmanager.entity.User;
 import com.sshmanager.repository.UserRepository;
 import com.sshmanager.service.ConnectionService;
 import com.sshmanager.service.SftpService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
@@ -23,6 +25,8 @@ import java.util.stream.Collectors;
@RequestMapping("/api/sftp")
 public class SftpController {

+    private static final Logger log = LoggerFactory.getLogger(SftpController.class);
+
    private final ConnectionService connectionService;
    private final UserRepository userRepository;
    private final SftpService sftpService;
@@ -61,7 +65,7 @@ public class SftpController {
    }

    @GetMapping("/list")
-    public ResponseEntity<List<SftpFileInfo>> list(
+    public ResponseEntity<?> list(
            @RequestParam Long connectionId,
            @RequestParam(required = false, defaultValue = ".") String path,
            Authentication authentication) {
@@ -74,7 +78,10 @@ public class SftpController {
                .collect(Collectors.toList());
            return ResponseEntity.ok(dtos);
        } catch (Exception e) {
-            return ResponseEntity.status(500).build();
+            log.warn("SFTP list failed: connectionId={}, path={}", connectionId, path, e);
+            Map<String, String> err = new HashMap<>();
+            err.put("error", e.getMessage() != null ? e.getMessage() : "List failed");
+            return ResponseEntity.status(500).body(err);
        }
    }

@@ -90,7 +97,10 @@ public class SftpController {
            result.put("path", pwd);
            return ResponseEntity.ok(result);
        } catch (Exception e) {
-            return ResponseEntity.status(500).build();
+            log.warn("SFTP pwd failed: connectionId={}", connectionId, e);
+            Map<String, String> err = new HashMap<>();
+            err.put("error", e.getMessage() != null ? e.getMessage() : "pwd failed");
+            return ResponseEntity.status(500).body(err);
        }
    }

--- a/backend/src/main/java/com/sshmanager/security/JwtAuthenticationFilter.java
+++ b/backend/src/main/java/com/sshmanager/security/JwtAuthenticationFilter.java
@@ -52,6 +52,13 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
        if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
            return bearerToken.substring(7);
        }
+        // WebSocket handshake sends token as query param
+        if (request.getRequestURI() != null && request.getRequestURI().startsWith("/ws/")) {
+            String token = request.getParameter("token");
+            if (StringUtils.hasText(token)) {
+                return token;
+            }
+        }
        return null;
    }
 }