diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java b/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java
index 9f9894a..49fab4f 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java
+++ b/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java
@@ -11,11 +11,11 @@ import org.springframework.context.annotation.Configuration;
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
 
 @Configuration
 @EnableWebSecurity
 @RequiredArgsConstructor
@@ -28,14 +28,13 @@ public class SecurityConfig {
 private final CustomLoginSuccessHandler customLoginSuccessHandler;
 
 @Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 http
- .httpBasic(AbstractHttpConfigurer::disable) // HTTP 기본 인증 비활성화
- .cors(cors -> {}) // CORS 활성화
- .csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화
- .sessionManagement(sessionManagement ->
- sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 세션 관리 정책 설정
- );
+ .httpBasic().disable() // HTTP 기본 인증을 비활성화
+ .cors().and() // CORS 활성화
+ .csrf().disable() // CSRF 보호 기능 비활성화
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS); // 세션관리 정책을 STATELESS(세션이 있으면 쓰지도 않고, 없으면 만들지도 않는다)
 
 http
 .formLogin(form -> form
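Review bot: The rewritten chain `.httpBasic().disable()`, `.cors().and()`, `.csrf().disable()` and `.sessionManagement().sessionCreationPolicy(...)` moves from the lambda DSL the removed lines used back to `and()`-style configurer chaining, which Spring Security 6.1 deprecates and 7.0 removes; the same pattern appears in the logout, authorizeHttpRequests, exceptionHandling and userInfoEndpoint chains of the next hunk. Keeping the lambda form, e.g. `.httpBasic(AbstractHttpConfigurer::disable).csrf(AbstractHttpConfigurer::disable).sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))`, keeps the import this commit removes in use and avoids a deprecation warning on every line. The renamed filterChain method continues into the next hunk.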
@@ -45,39 +44,35 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 );
 
 http
- .logout(logout -> logout
- .logoutUrl("/logout")
- .logoutSuccessUrl("/")
- .permitAll()
- );
+ .logout()
+ .logoutUrl("/logout")
+ .logoutSuccessUrl("/")
+ .permitAll();
 
 http
- .authorizeHttpRequests(authorizeRequests ->
- authorizeRequests
- .requestMatchers("/public/**", "/login", "/signup").permitAll() // 특정 경로만 허용
- .anyRequest().authenticated() // 나머지 요청은 인증 필요
- );
+ .authorizeHttpRequests()
+ .anyRequest().permitAll();
 
 http
- .exceptionHandling(exceptionHandling ->
- exceptionHandling.accessDeniedPage("/error")
- );
+ .exceptionHandling()
+ .accessDeniedPage("/error");
 
 http
 .oauth2Login(oauth2 -> oauth2
- .loginPage("/oauth2/authorization") // OAuth2 로그인 페이지 설정
- .userInfoEndpoint(userInfoEndpoint ->
- userInfoEndpoint.userService(customOAuth2UserService)
- )
- .failureHandler(oAuth2LoginFailureHandler)
- .successHandler(oAuth2LoginSuccessHandler)
+ .loginPage("/login")
+ .userInfoEndpoint()
+ .userService(customOAuth2UserService) // OAuth2 로그인시 사용자 정보를 가져오는 엔드포인트와 사용자 서비스를 설정
+ .and()
+ .failureHandler(oAuth2LoginFailureHandler) // OAuth2 로그인 실패시 처리할 핸들러를 지정해준다.
+ .successHandler(oAuth2LoginSuccessHandler) // OAuth2 로그인 성공시 처리할 핸들러를 지정해준다.
 .permitAll()
 );
 
- // JWT 인증 필터를 UsernamePasswordAuthenticationFilter 앞에 추가
- http.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);
- http.addFilterBefore(jwtExceptionFilter, JwtAuthFilter.class);
- return http.build();
+ // JWT 인증 필터를 UsernamePasswordAuthenticationFilter 앞에 추가한다.
+ return http
+ .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)
+ .addFilterBefore(jwtExceptionFilter, JwtAuthFilter.class)
+ .build();
 }
 
-}
+}
\ No newline at end of file
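Review bot: `.authorizeHttpRequests().anyRequest().permitAll()` drops the only authorization rule in the chain: the removed lines required authentication for every URL outside `/public/**`, `/login` and `/signup`, and after this change no request is protected at the filter-chain level even though JwtAuthFilter is still registered a few lines below. Unless every controller is guarded by method security (not visible in this diff), every endpoint becomes reachable without a valid token, so the matcher list should be restored, e.g. `.authorizeHttpRequests(auth -> auth.requestMatchers("/public/**", "/login", "/signup").permitAll().anyRequest().authenticated())`, rather than opening everything. If permitting all requests is a deliberate development-phase setting, say so in the comment on that line so it is not shipped unnoticed. The trailing `-}`/`+}` pair only records the lost newline at end of file, which is worth restoring.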