diff --git a/build.gradle b/build.gradle index b2445e5..413e51b 100644 --- a/build.gradle +++ b/build.gradle @@ -44,9 +44,9 @@ dependencies { runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: '0.11.2' // JSON 변환기 (Claims ↔ JSON 직렬화용) // Swagger 설정 - implementation 'org.springdoc:springdoc-openapi-ui:1.6.15' - implementation 'io.springfox:springfox-swagger2:2.9.2' - implementation 'io.springfox:springfox-swagger-ui:2.9.2' + //implementation 'org.springdoc:springdoc-openapi-ui:1.6.15' + //implementation 'io.springfox:springfox-swagger2:2.9.2' + //implementation 'io.springfox:springfox-swagger-ui:2.9.2' // xml 위해서 implementation 'org.jsoup:jsoup:1.17.2' diff --git a/src/main/java/agridata/spring/config/WebMvcConfig.java b/src/main/java/agridata/spring/config/WebMvcConfig.java index 7ac76c4..f21fda0 100644 --- a/src/main/java/agridata/spring/config/WebMvcConfig.java +++ b/src/main/java/agridata/spring/config/WebMvcConfig.java @@ -11,7 +11,7 @@ public class WebMvcConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry){ registry.addMapping("/**") - .allowedOrigins("http://localhost:3000","http://192.168.35.77:3000") + .allowedOrigins("http://localhost:3000","http://192.168.35.77:3000", "https://agridata.site") .allowedMethods("GET","POST","PUT","PATCH","DELETE","OPTIONS") .allowedHeaders("*") .allowCredentials(true) diff --git a/src/main/java/agridata/spring/config/WebSecurityConfig.java b/src/main/java/agridata/spring/config/WebSecurityConfig.java index 5c2172c..bf6c761 100644 --- a/src/main/java/agridata/spring/config/WebSecurityConfig.java +++ b/src/main/java/agridata/spring/config/WebSecurityConfig.java @@ -27,55 +27,58 @@ @Configuration @EnableWebSecurity @Slf4j -public class WebSecurityConfig -{ +public class WebSecurityConfig { + + @Autowired + private JwtAuthenticationFilter jwtAuthenticationFilter; + @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } - @Autowired - private JwtAuthenticationFilter jwtAuthenticationFilter; - @Bean protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception { try { - http.csrf(AbstractHttpConfigurer::disable) .httpBasic(AbstractHttpConfigurer::disable) .cors(Customizer.withDefaults()) - .sessionManagement((sessionManagement) -> + .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS) ) - - .authorizeHttpRequests((authorizeRequests) -> - authorizeRequests.requestMatchers("/health","/users/auth/**","/school/**", - "/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**","/chat/**","/mail/**", - "http://localhost:8080/**").permitAll() - + .authorizeHttpRequests(authorizeRequests -> + authorizeRequests + .requestMatchers( + "/health", + "/users/auth/**", + "/school/**", + "/v3/api-docs/**", + "/swagger-ui/**", + "/swagger-resources/**", + "/chat/**", + "/mail/**", + "/api/**", + "/login", + "/signup" + + ).permitAll() .anyRequest().authenticated() ) - .exceptionHandling((exceptionConfig) -> - exceptionConfig - .authenticationEntryPoint(unauthorizedEntryPoint) - ); // 401 403 관련 예외처리 - ; - http.addFilterAfter( - jwtAuthenticationFilter, - UsernamePasswordAuthenticationFilter.class - ); + .exceptionHandling(exceptionConfig -> + exceptionConfig.authenticationEntryPoint(unauthorizedEntryPoint) + ); + + http.addFilterAfter(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); + return http.build(); } catch (Exception e) { - throw new RuntimeException(e); } - } private final AuthenticationEntryPoint unauthorizedEntryPoint = (request, response, authException) -> { - - ApiResponse apiResponse = new ApiResponse(false,"401","인증이 필요합니다.",null); + ApiResponse apiResponse = new ApiResponse<>(false, "401", "인증이 필요합니다.", null); response.setCharacterEncoding("UTF-8"); response.setStatus(HttpStatus.UNAUTHORIZED.value()); response.setContentType(MediaType.APPLICATION_JSON_VALUE); @@ -83,7 +86,5 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception { PrintWriter writer = response.getWriter(); writer.write(new ObjectMapper().writeValueAsString(apiResponse)); writer.flush(); - }; - } \ No newline at end of file