Skip to content

Commit

Permalink
feat : security config 추가
Browse files Browse the repository at this point in the history
  • Loading branch information
minseok1015 committed Aug 19, 2024
1 parent 8bcc31c commit e0a6245
Showing 1 changed file with 19 additions and 17 deletions.
36 changes: 19 additions & 17 deletions src/main/java/store/itpick/backend/config/SecurityConfig.java
Original file line number Diff line number Diff line change
Expand Up @@ -31,28 +31,30 @@ public PasswordEncoder passwordEncoder() {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {

http
.csrf(AbstractHttpConfigurer::disable)
.csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화
.cors(withDefaults()) // CORS 설정 추가
.formLogin(FormLoginConfigurer::disable)
.formLogin(FormLoginConfigurer::disable) // 폼 로그인 비활성화
.sessionManagement(sessionManagement ->
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 세션 관리 정책 설정
);


return http.build();
}

// @Bean
// public CorsFilter corsFilter() {
// UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
// CorsConfiguration config = new CorsConfiguration();
// config.setAllowCredentials(true);
// config.addAllowedOrigin("https://itpick.netlify.app");
// config.addAllowedOrigin("http://localhost:3000");
// config.addAllowedOrigin("http://localhost:5173");
// config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
// config.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token", "Accept", "X-Requested-With"));
// config.setExposedHeaders(Arrays.asList("Authorization", "location"));
// source.registerCorsConfiguration("/**", config);
// return new CorsFilter(source);
// }
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("https://itpick.netlify.app");
config.addAllowedOrigin("http://localhost:3000");
config.addAllowedOrigin("http://localhost:5173");
config.addAllowedOrigin("https://localhost:5173");
config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
config.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token", "Accept", "X-Requested-With"));
config.setExposedHeaders(Arrays.asList("Authorization", "location"));
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
}
}

0 comments on commit e0a6245

Please sign in to comment.