fix: fix cors err

Soongsil-CoffeeChat · May 15, 2024 · 817c482 · 817c482
1 parent d760f39
commit 817c482
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 5 deletions.
diff --git a/src/main/java/com/soongsil/CoffeeChat/config/SecurityConfig.java b/src/main/java/com/soongsil/CoffeeChat/config/SecurityConfig.java
@@ -103,9 +103,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		//경로별 인가 작업
 		http    //기본경로 "/" 제외한 나머지는 로그인해야만 사용가능
 			.authorizeHttpRequests((auth) -> auth
-				// .requestMatchers("/").permitAll()
-				// .requestMatchers("/reissue").permitAll()
-				// .requestMatchers("/auth/email/**").permitAll()
+				.requestMatchers("/").permitAll()
+				.requestMatchers("/reissue").permitAll()
+				.requestMatchers("/auth/email/**").permitAll()
 				.requestMatchers("/api/v1/user/**").hasRole("USER")
 				//.requestMatchers("/api/v1/**").hasAnyRole("MENTEE", "MENTOR") //로그인 제외하면 다 멘티나 멘토 아니면 접근불가
 				.requestMatchers("api/v1/possibleDate/**").hasRole("MENTOR")
@@ -121,7 +121,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 	@Bean
 	public WebSecurityCustomizer webSecurityCustomizer() {
 		return (web) -> web.ignoring()
-			.requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**", "/auth/email/**", "/reissue",
-				"/auth/email/**");
+			.requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**");
 	}
 }
diff --git a/src/main/java/com/soongsil/CoffeeChat/config/jwt/JWTFilter.java b/src/main/java/com/soongsil/CoffeeChat/config/jwt/JWTFilter.java
@@ -3,6 +3,7 @@
 import java.io.IOException;
 
 import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -26,6 +27,19 @@ public JWTFilter(JWTUtil jwtUtil) {
 	@Override
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
 		FilterChain filterChain) throws ServletException, IOException {
+
+		// 특정 경로들에 대해 필터 로직을 건너뛰도록 설정
+		if (request.getMethod().equals(HttpMethod.OPTIONS.name())) {
+			// OPTIONS 요청일 경우 필터 처리를 건너뛰고 다음 필터로 진행
+			filterChain.doFilter(request, response);
+			return;
+		}
+
+		String path = request.getRequestURI();
+		if (path.startsWith("/health-check") || path.startsWith("/security-check") || path.startsWith("/reissue")) {
+			filterChain.doFilter(request, response);
+			return;
+		}
 		// 헤더에서 authorization키에 담긴 토큰을 꺼냄
 		String authorization = request.getHeader(HttpHeaders.AUTHORIZATION);
 		//토큰꺼내기