feat: 인증을 독립적으로 처리하도록 한다.

#27
BDD-CLUB · Nov 21, 2024 · 561fea4 · 561fea4
1 parent 3a124e8
commit 561fea4
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/src/main/java/MusicPlatform/global/config/security/Oauth2ClientConfig.java b/src/main/java/MusicPlatform/global/config/security/Oauth2ClientConfig.java
@@ -1,5 +1,7 @@
 package MusicPlatform.global.config.security;
 
+import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
+
 import MusicPlatform.domain.oauth2.service.OAuth2UserService;
 import MusicPlatform.global.filter.JwtAuthorizationFilter;
 import MusicPlatform.global.handler.LoginSuccessHandler;
@@ -40,13 +42,15 @@ SecurityFilterChain securityFilterChane(HttpSecurity http) throws Exception {
         http.csrf(AbstractHttpConfigurer::disable);
         http.cors(AbstractHttpConfigurer::disable);
 
+        http.sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(STATELESS));
+
         http.oauth2Login(oauth2 -> oauth2
                 .userInfoEndpoint(userInfoEndpointConfig -> userInfoEndpointConfig.userService(oAuth2UserService))
                 .successHandler(loginSuccessHandler)
                 .failureUrl(errorPage)
         );
 
-        http.addFilterAfter(jwtAuthorizationFilter, UsernamePasswordAuthenticationFilter.class);
+        http.addFilterBefore(jwtAuthorizationFilter, UsernamePasswordAuthenticationFilter.class);
 
         http.exceptionHandling(exception -> exception
                 .accessDeniedHandler(oauthAccessDeniedHandler)