From 7f8cb13e12a0fdda7f93366be4231e6d78dea582 Mon Sep 17 00:00:00 2001 From: chaeyoungeee Date: Sun, 28 Jul 2024 16:00:22 +0900 Subject: [PATCH] =?UTF-8?q?feat:=20cors=20=EC=84=A4=EC=A0=95=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../MZConnent/api/TestController.java | 13 +++++++++++ .../MZConnent/config/SecurityConfig.java | 23 +++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 src/main/java/likelion/MZConnent/api/TestController.java diff --git a/src/main/java/likelion/MZConnent/api/TestController.java b/src/main/java/likelion/MZConnent/api/TestController.java new file mode 100644 index 0000000..8bf7a29 --- /dev/null +++ b/src/main/java/likelion/MZConnent/api/TestController.java @@ -0,0 +1,13 @@ +package likelion.MZConnent.api; + +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class TestController { + @GetMapping("/api/test") + public String test() { + return "test"; + } +} diff --git a/src/main/java/likelion/MZConnent/config/SecurityConfig.java b/src/main/java/likelion/MZConnent/config/SecurityConfig.java index 9f34b74..7550702 100644 --- a/src/main/java/likelion/MZConnent/config/SecurityConfig.java +++ b/src/main/java/likelion/MZConnent/config/SecurityConfig.java @@ -1,5 +1,6 @@ package likelion.MZConnent.config; +import jakarta.servlet.http.HttpServletRequest; import likelion.MZConnent.jwt.JwtAccessDeniedHandler; import likelion.MZConnent.jwt.JwtAuthenticationEntryPoint; import likelion.MZConnent.jwt.JwtFilter; @@ -14,6 +15,12 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.CorsConfigurationSource; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; + +import java.util.Arrays; +import java.util.Collections; @Configuration @@ -34,6 +41,7 @@ public class SecurityConfig { "/api/categories/region", "/api/clubs/list", "/api/main", "/swagger", "/swagger-ui.html", "/swagger-ui/**", "/api-docs", "/api-docs/**", "/v3/api-docs/**", //swagger + "/api/test" }; // 로그인 안한 사용자만 접속 가능한 것 private final String[] anonymousUrl = { @@ -44,6 +52,7 @@ public class SecurityConfig { @Bean public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception { httpSecurity + .cors(cors -> cors.configurationSource(corsConfigurationSource())) .csrf(AbstractHttpConfigurer::disable) .formLogin(AbstractHttpConfigurer::disable) .sessionManagement(session -> session @@ -63,6 +72,20 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws return httpSecurity.build(); } + @Bean + public CorsConfigurationSource corsConfigurationSource() { + CorsConfiguration config = new CorsConfiguration(); + config.setAllowedOrigins(Arrays.asList("http://localhost:3000")); // frontend url + config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS")); + config.setAllowedHeaders(Collections.singletonList("*")); + config.setAllowCredentials(true); + config.setMaxAge(3600L); + + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + source.registerCorsConfiguration("/**", config); + return source; + } + // 비밀번호 암호화 @Bean public PasswordEncoder passwordEncoder() { //비밀번호 암호화