Merge pull request #62 from LIKELION-TEAM4-HACKATHON/cors-config

cors 설정 추가
LIKELION-TEAM4-HACKATHON · Jul 28, 2024 · f1c743b · f1c743b
2 parents d611262 + 7f8cb13
commit f1c743b
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/src/main/java/likelion/MZConnent/api/TestController.java b/src/main/java/likelion/MZConnent/api/TestController.java
@@ -0,0 +1,13 @@
+package likelion.MZConnent.api;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class TestController {
+    @GetMapping("/api/test")
+    public String test() {
+        return  "test";
+    }
+}
diff --git a/src/main/java/likelion/MZConnent/config/SecurityConfig.java b/src/main/java/likelion/MZConnent/config/SecurityConfig.java
@@ -1,5 +1,6 @@
 package likelion.MZConnent.config;
 
+import jakarta.servlet.http.HttpServletRequest;
 import likelion.MZConnent.jwt.JwtAccessDeniedHandler;
 import likelion.MZConnent.jwt.JwtAuthenticationEntryPoint;
 import likelion.MZConnent.jwt.JwtFilter;
@@ -14,6 +15,12 @@
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.Arrays;
+import java.util.Collections;
 
 
 @Configuration
@@ -34,6 +41,7 @@ public class SecurityConfig {
             "/api/categories/region", "/api/clubs/list",
             "/api/main",
             "/swagger", "/swagger-ui.html", "/swagger-ui/**", "/api-docs", "/api-docs/**", "/v3/api-docs/**", //swagger
+            "/api/test"
     };
     // 로그인 안한 사용자만 접속 가능한 것
     private final String[] anonymousUrl = {
@@ -44,6 +52,7 @@ public class SecurityConfig {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
         httpSecurity
+                .cors(cors -> cors.configurationSource(corsConfigurationSource()))
                 .csrf(AbstractHttpConfigurer::disable)
                 .formLogin(AbstractHttpConfigurer::disable)
                 .sessionManagement(session -> session
@@ -63,6 +72,20 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
         return httpSecurity.build();
     }
 
+    @Bean
+    public CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration config = new CorsConfiguration();
+        config.setAllowedOrigins(Arrays.asList("http://localhost:3000")); // frontend url
+        config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+        config.setAllowedHeaders(Collections.singletonList("*"));
+        config.setAllowCredentials(true);
+        config.setMaxAge(3600L);
+
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);
+        return source;
+    }
+
     // 비밀번호 암호화
     @Bean
     public PasswordEncoder passwordEncoder() { //비밀번호 암호화