
Commit 94b871d

committed
fix: SecurityConfig 권한 수정
1 parent 4707627 commit 94b871d


1 file changed

+24
-13
lines changed


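--- a/src/main/java/org/muses/backendbulidtest251228/global/config/SecurityConfig.java
+++ b/src/main/java/org/muses/backendbulidtest251228/global/config/SecurityConfig.java
@@ -9,6 +9,7 @@
 import org.muses.backendbulidtest251228.global.security.handler.OAuth2LoginSuccessHandler;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
@@ -42,21 +43,31 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 // JWT 사용 -> 세션 사용 X
 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
 .authorizeHttpRequests(auth -> auth
-// Swagger 허용
-.requestMatchers("/swagger-ui/**", "/swagger-ui.html", "/api-docs/**", "/v3/api-docs/**","/api/landing").permitAll()
-// QR 화면 허용
+// ==== 인프라/정적 리소스 ====
+.requestMatchers(
+"/swagger-ui/**", "/swagger-ui.html",
+"/api-docs/**", "/v3/api-docs/**",
+"/health", "/error",
+"/files/**"
+).permitAll()
+// ==== 인증 API ====
+.requestMatchers(
+"/api/auth/signup",
+"/api/auth/login",
+"/api/auth/signup/check-email",
+"/login/**",
+"/oauth2/**",
+"/auth/callback"
+).permitAll()
+// ==== 공개 API ====
+.requestMatchers(HttpMethod.POST, "/api/landing").permitAll()
+.requestMatchers(HttpMethod.GET, "/api/projects/**").permitAll()
+.requestMatchers(HttpMethod.GET, "/api/events/**").permitAll()
+.requestMatchers(HttpMethod.GET, "/api/alarms/**").permitAll()
+// ==== QR 체크인 결과 ====
 .requestMatchers("/api/checkin/result", "/checkin/result").permitAll()
-.requestMatchers("/api/auth/profile/**", "/api/users/me/**").authenticated()
-.requestMatchers("/login/**", "/auth/callback", "/api/auth/**", "/oauth2/**", "/api/projects/**", "/api/alarms/**", "/api/events/**", "/health", "/error").permitAll()
-.requestMatchers(org.springframework.http.HttpMethod.GET, "/api/creators/applications/me").authenticated()
-.requestMatchers(org.springframework.http.HttpMethod.POST, "/api/creators/applications").authenticated()
-.requestMatchers(org.springframework.http.HttpMethod.POST, "/api/creators/applications/me/docs").authenticated()
-.requestMatchers(org.springframework.http.HttpMethod.GET, "/api/creators/applications/me/docs").authenticated()
-.requestMatchers(org.springframework.http.HttpMethod.POST, "/api/creators/applications/me/submit").authenticated()
-.requestMatchers("/api/creators/**").hasRole("CREATOR")
+// ==== 관리자 전용 ====
 .requestMatchers("/api/admin/**").hasRole("ADMIN")
-// TODO 정적 파일 (업로드된 이미지) 허용
-.requestMatchers("/files/**").permitAll()
 .anyRequest().authenticated()
 )
 // JWT 필터 등록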
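Review bot: The new matcher list has no replacement for the removed `.requestMatchers("/api/creators/**").hasRole("CREATOR")` (old line 56), so every creator endpoint now falls through to `.anyRequest().authenticated()` and any logged-in user can reach it unless method-level security guards those controllers elsewhere, which this hunk does not show. The explicit `.authenticated()` matchers for `/api/creators/applications/...` (old lines 51–55) were ordered ahead of the role rule so that non-creator users could submit an application; if that flow is still intended, restore them together with the role rule just before the `/api/admin/**` matcher, now using the imported `HttpMethod`. Separately, `/api/auth/**` was previously `permitAll()` and is now limited to signup, login and check-email, so any other endpoint under that prefix that clients call without an access token (a token refresh, for example) would now be rejected — worth confirming against the auth controller. `filterChain` begins and ends outside this hunk.
```java
// … unchanged: infra, auth, public API and QR check-in matchers …
// ==== creator applications (any authenticated user) / creator-only APIs ====
.requestMatchers(HttpMethod.GET, "/api/creators/applications/me").authenticated()
.requestMatchers(HttpMethod.POST, "/api/creators/applications").authenticated()
.requestMatchers(HttpMethod.POST, "/api/creators/applications/me/docs").authenticated()
.requestMatchers(HttpMethod.GET, "/api/creators/applications/me/docs").authenticated()
.requestMatchers(HttpMethod.POST, "/api/creators/applications/me/submit").authenticated()
.requestMatchers("/api/creators/**").hasRole("CREATOR")
// ==== 관리자 전용 ====
.requestMatchers("/api/admin/**").hasRole("ADMIN")
```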
