feat : cors 수정

Capic2024 · Apr 18, 2024 · 7a20ec1 · 7a20ec1
1 parent 331136d
commit 7a20ec1
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/src/main/java/com/capic/server/global/config/CorsConfig.java b/src/main/java/com/capic/server/global/config/CorsConfig.java
@@ -3,7 +3,13 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@@ -13,6 +19,21 @@
 @EnableWebSecurity
 @RequiredArgsConstructor
 public class CorsConfig {
+
+    /**
+     * FilterChain 설정
+     * @param http - 시큐리티 설정을 담당하는 객체
+     * @return - FilterChain 진행 값 반환
+     * @throws Exception - 시큐리티 설정 관련 모든 예외 (JWT 관련 포함)
+     */
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        // CORS 허용, CSRF 비활성화
+        http.cors(Customizer.withDefaults())
+                .csrf(AbstractHttpConfigurer::disable);
+
+        return http.build();
+    }
     /**
      * CORS 허용하도록 커스터마이징 진행
      * @return - 변경된 CORS 정책 정보 반환