diff --git a/build.gradle b/build.gradle index e1e15b3..bb1ace2 100644 --- a/build.gradle +++ b/build.gradle @@ -25,6 +25,7 @@ dependencies { // Spring Boot Default implementation 'org.springframework.boot:spring-boot-starter-data-jpa' implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-security' testImplementation 'org.springframework.boot:spring-boot-starter-test' // Lombok diff --git a/src/main/java/com/capic/server/global/config/CorsConfig.java b/src/main/java/com/capic/server/global/config/CorsConfig.java new file mode 100644 index 0000000..8bba980 --- /dev/null +++ b/src/main/java/com/capic/server/global/config/CorsConfig.java @@ -0,0 +1,40 @@ +package com.capic.server.global.config; + +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.CorsConfigurationSource; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; + +import java.util.List; +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class CorsConfig { + /** + * CORS 허용하도록 커스터마이징 진행 + * @return - 변경된 CORS 정책 정보 반환 + */ + @Bean + CorsConfigurationSource corsConfigurationSource() { + CorsConfiguration config = new CorsConfiguration(); + + // 인증정보 주고받도록 허용 + config.setAllowCredentials(true); + // 허용할 주소 + config.setAllowedOriginPatterns(List.of("*")); + // 허용할 HTTP Method + config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS")); + // 허용할 헤더 정보 + config.setAllowedHeaders(List.of("*")); + config.setExposedHeaders(List.of("*")); + + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + source.registerCorsConfiguration("/**", config); + + return source; + } + +}