

Merge pull request #281 from OutDecision/issue/74
[UPDATE] SECURECONFIG 수정
201912160 authored Jun 1, 2024
2 parents d4941ce + 3fe9c2c commit f2e9bc2
Showing 1 changed file with 27 additions and 32 deletions.
Expand Up @@ -11,11 +11,11 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;


@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
Expand All @@ -28,14 +28,13 @@ public class SecurityConfig {
private final CustomLoginSuccessHandler customLoginSuccessHandler;

@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.httpBasic(AbstractHttpConfigurer::disable) // HTTP 기본 인증 비활성화
.cors(cors -> {}) // CORS 활성화
.csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화
.sessionManagement(sessionManagement ->
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 세션 관리 정책 설정
);
.httpBasic().disable() // HTTP 기본 인증을 비활성화
.cors().and() // CORS 활성화
.csrf().disable() // CSRF 보호 기능 비활성화
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS); // 세션관리 정책을 STATELESS(세션이 있으면 쓰지도 않고, 없으면 만들지도 않는다)

http
.formLogin(form -> form
Expand All @@ -45,39 +44,35 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
);

http
.logout(logout -> logout
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.permitAll()
);
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.permitAll();

http
.authorizeHttpRequests(authorizeRequests ->
authorizeRequests
.requestMatchers("/public/**", "/login", "/signup").permitAll() // 특정 경로만 허용
.anyRequest().authenticated() // 나머지 요청은 인증 필요
);
.authorizeHttpRequests()
.anyRequest().permitAll();

http
.exceptionHandling(exceptionHandling ->
exceptionHandling.accessDeniedPage("/error")
);
.exceptionHandling()
.accessDeniedPage("/error");

http
.oauth2Login(oauth2 -> oauth2
.loginPage("/oauth2/authorization") // OAuth2 로그인 페이지 설정
.userInfoEndpoint(userInfoEndpoint ->
userInfoEndpoint.userService(customOAuth2UserService)
)
.failureHandler(oAuth2LoginFailureHandler)
.successHandler(oAuth2LoginSuccessHandler)
.loginPage("/login")
.userInfoEndpoint()
.userService(customOAuth2UserService) // OAuth2 로그인시 사용자 정보를 가져오는 엔드포인트와 사용자 서비스를 설정
.and()
.failureHandler(oAuth2LoginFailureHandler) // OAuth2 로그인 실패시 처리할 핸들러를 지정해준다.
.successHandler(oAuth2LoginSuccessHandler) // OAuth2 로그인 성공시 처리할 핸들러를 지정해준다.
.permitAll()
);

// JWT 인증 필터를 UsernamePasswordAuthenticationFilter 앞에 추가
http.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);
http.addFilterBefore(jwtExceptionFilter, JwtAuthFilter.class);

return http.build();
// JWT 인증 필터를 UsernamePasswordAuthenticationFilter 앞에 추가한다.
return http
.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(jwtExceptionFilter, JwtAuthFilter.class)
.build();
}
}
}
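Review bot: The new `.authorizeHttpRequests().anyRequest().permitAll()` replaces the `/public/**`, `/login`, `/signup` matchers plus `anyRequest().authenticated()`, so this filter chain no longer rejects any unauthenticated request and every endpoint is reachable unless `jwtAuthFilter` (or method-level security, neither visible here) denies on its own; it also leaves `.accessDeniedPage("/error")` with nothing in this chain that can produce an access-denied outcome. If delegating to the JWT filter is the intent, record it next to that line, e.g. `// access control is delegated entirely to JwtAuthFilter; nothing in this chain denies a request`, and otherwise keep the authenticated default: `.authorizeHttpRequests().requestMatchers("/public/**", "/login", "/signup").permitAll().anyRequest().authenticated();`. Separately, the return to `.and()` / `.httpBasic().disable()` chaining (the same pattern recurs in the sessionManagement, logout, exceptionHandling and oauth2Login changes) is deprecated from Spring Security 6.1 and removed in 7.0 if the project is on that line, so the lambda form this commit drops is the forward-compatible one. `filterChain` is declared in the earlier hunk and its body spans a collapsed region between the two hunks.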

