Fix: Cors 해제 #5

Merged
merged 1 commit into from
Nov 21, 2023
Merged
Original file line number Diff line number Diff line change
@@ -42,6 +42,7 @@ public class SpringSecurityConfig {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
// [PART 1]
.cors(cors -> cors.configurationSource(corsConfigurationSource()))
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement((sessionManagement) ->
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
@@ -55,7 +56,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
.requestMatchers(
"/jwt-test",
"/oauth2/**",
"/login"
"/login",
"/api/v1/auth"
).permitAll() // 해당 요청은 인증이 필요함
.anyRequest().authenticated() // 위를 제외한 나머지는 모두 허용
)
@@ -93,14 +95,13 @@ public PasswordEncoder passwordEncoder() {

@Bean
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
//configuration.setAllowedMethods(Arrays.asList("POST", "PATCH", "GET", "DELETE"));

// TODO: 이 부분은 나중에 삭제해야 됨
configuration.setAllowedMethods(Arrays.asList("*")); // 모든 HTTP 메서드 허용
configuration.setAllowedHeaders(Arrays.asList("*")); // 모든 헤더 허용
configuration.setAllowCredentials(true); // 크레덴셜(쿠키, HTTP 인증 등) 허용
//configuration.setAllowedMethods(Arrays.asList("*")); // 모든 HTTP 메서드 허용
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOriginPatterns(Arrays.asList("*")); // 변경된 설정
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "OPTIONS", "DELETE", "PUT", "PATCH"));
configuration.setAllowedHeaders(Arrays.asList("*"));
configuration.setAllowCredentials(true);

UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
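Review bot: In corsConfigurationSource(), `setAllowedOriginPatterns(Arrays.asList("*"))` together with `setAllowCredentials(true)` allows any website to send credentialed cross-origin requests to `/**` and read the responses. Spring refuses `setAllowedOrigins("*")` when credentials are enabled for exactly this reason, and the pattern variant gets past that guard by echoing the caller's Origin back. With CSRF disabled in the first hunk, any cookie-backed state (the `/oauth2/**` flow may create some) would have no cross-site protection left. I would restrict the list to the known front ends, for example `configuration.setAllowedOriginPatterns(Arrays.asList("https://<FRONTEND_ORIGIN_PLACEHOLDER>"));`, ideally read from a configuration property per environment. The method body continues past the end of this hunk.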
Original file line number Diff line number Diff line change
@@ -29,7 +29,7 @@ public class CeoServiceImpl implements CeoService {

@Override
public CeoAuthRes getCeoAuthByCustomUserDetails(CustomUserDetails userDetails) {

verifyUserDetails(userDetails);
return ceoMapper.ceoInfoToCeoAuthRes(userDetails);

}
@@ -66,4 +66,10 @@ private CeoInfo getCeoInfo(Long id) {
);
}

private void verifyUserDetails(CustomUserDetails userDetails) {
if (userDetails == null) {
throw new BusinessLogicException(ExceptionCode.USER_NOT_FOUND);
}
}

}
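Review bot: verifyUserDetails reports a null principal as `ExceptionCode.USER_NOT_FOUND`, but a null `CustomUserDetails` most likely means the request carried no valid token, not that a user record is missing. If this service backs `/api/v1/auth`, which the same PR adds to `permitAll()`, anonymous callers will reach this branch routinely and get a misleading error. If `ExceptionCode` (not visible here) has an unauthenticated-style value, that would be the better fit. Either way the check deserves a comment such as `// null principal: request was anonymous (endpoint is permitAll)`.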
Original file line number Diff line number Diff line change
@@ -2,9 +2,12 @@

import lombok.Builder;
import lombok.Getter;

@Getter
@Builder
public class CeoAuthRes {
private Long id;
private String email;
private boolean auth;
private boolean admin;
}
Original file line number Diff line number Diff line change
@@ -12,6 +12,8 @@ public CeoAuthRes ceoInfoToCeoAuthRes(CustomUserDetails userDetails) {
return CeoAuthRes.builder()
.id(userDetails.getId())
.email(userDetails.getEmail())
.auth(userDetails.isEnabled())
.admin(false)
.build();
}
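Review bot: `.auth(userDetails.isEnabled())` fills the `auth` field from the account-enabled flag, which is not the same statement as "this caller is authenticated", and `.admin(false)` is hard-coded for every user. If `CustomUserDetails` follows the usual `UserDetails` contract, a disabled account would be reported as not authenticated, and a real administrator would be reported as a non-admin. A client that shows or hides screens from these flags gets values that do not reflect the caller's actual authorities. I would derive `admin` from the user's granted authorities, or at least mark the placeholder with `// TODO: map from roles; this flag is informational, authorization is enforced server-side`.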