.

src/main/java/net/skhu/tastyinventory_be/config/MvcConfigurer.java

@@ -1,4 +1,3 @@
-///*
 //package net.skhu.tastyinventory_be.config;
 //
 //import org.springframework.beans.factory.annotation.Value;
@@ -26,4 +25,3 @@
 //                .allowCredentials(true);
 //    }
 //}
-//*/

src/main/java/net/skhu/tastyinventory_be/config/SecurityConfigurer.java

@@ -48,9 +48,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .requestMatchers(HttpMethod.OPTIONS,"/**").permitAll()
                         .requestMatchers("/csrf-token").permitAll()
                         .requestMatchers(HttpMethod.POST, "/users", "/authorize").permitAll()
-
                         .requestMatchers(HttpMethod.GET, "/users").authenticated()
-                        .anyRequest().permitAll())
+                        .anyRequest().authenticated())
                 .exceptionHandling(a -> a
                         .accessDeniedHandler((request, response, accessDeniedException) -> {
                             log.error("403: {}", accessDeniedException.getMessage(), accessDeniedException);

src/main/java/net/skhu/tastyinventory_be/controller/user/AuthenticationController.java

@@ -61,12 +61,12 @@ public ResponseEntity<?> getCsrfToken(HttpServletRequest request, HttpServletRes
     }
 
     @PostMapping("/authorize")
-    public BaseResponse<LoginResponseDto> authenticationUsernamePassword(@Valid @RequestBody AuthorizationRequest authorizationRequest, HttpServletRequest request, HttpServletResponse response) {
+    public BaseResponse<String> authenticationUsernamePassword(@Valid @RequestBody AuthorizationRequest authorizationRequest, HttpServletRequest request, HttpServletResponse response) {
         Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(authorizationRequest.getUsername(), authorizationRequest.getPassword()));
         UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal();
-        generateTokenCookie(userDetails, request, response);
+        String token = generateTokenCookie(userDetails, request, response);
         final LoginResponseDto data = LoginResponseDto.of(userDetails.getEmail());
-        return BaseResponse.success(SuccessCode.LOGIN_SUCCESS, data);
+        return BaseResponse.success(SuccessCode.LOGIN_SUCCESS, token);
     }
 
     @PostMapping("/logout")
@@ -169,7 +169,7 @@ private void generateCSRFTokenCookie(HttpServletResponse response, String csrfTo
         CookieUtils.addCookie(response, StatelessCSRFFilter.CSRF_TOKEN, csrfToken, 60 * 60 * 24);
     }
 
-    private void generateTokenCookie(UserDetails userDetails, HttpServletRequest request, HttpServletResponse response) {
+    private String generateTokenCookie(UserDetails userDetails, HttpServletRequest request, HttpServletResponse response) {
         final int cookieMaxAge = jwtProvider.getTokenExpirationDate().intValue();
         CookieUtils.addCookie(
                 response,
@@ -179,6 +179,7 @@ private void generateTokenCookie(UserDetails userDetails, HttpServletRequest req
                 true,
                 cookieMaxAge
         );
+        return jwtProvider.generateToken(userDetails.getUsername());
     }
 
     private void redirectWithErrorMessage(String uri, String message, HttpServletResponse response) throws IOException {

src/main/java/net/skhu/tastyinventory_be/security/jwt/JwtAuthenticationFilter.java

@@ -13,6 +13,7 @@
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
@@ -29,13 +30,19 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         String username = null;
         String jwt = null;
 
-        Optional<Cookie> jwtCookie = CookieUtils.getCookie(request, "access_token");
+//        Optional<Cookie> jwtCookie = CookieUtils.getCookie(request, "access_token");
 
-        if (jwtCookie.isPresent()) {
-            jwt = jwtCookie.get().getValue();
+        String token = request.getHeader("Authorization");
+        if (StringUtils.hasText(token) && token.startsWith("Bearer ")) {
+            jwt = token.substring(7);
             username = jwtProvider.extractUsername(jwt);
         }
 
+//        if (jwtCookie.isPresent()) {
+//            jwt = jwtCookie.get().getValue();
+//            username = jwtProvider.extractUsername(jwt);
+//        }
+
         if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
             UserDetailsImpl userDetails = (UserDetailsImpl) userDetailsService.loadUserByUsername(username);
 

src/main/java/net/skhu/tastyinventory_be/service/MenuService.java

@@ -33,7 +33,10 @@ public class MenuService {
     public void createMenu(MultipartFile image, MenuRequestDto requestDto) {
         String imageUrl = s3Service.uploadImage(image, "menu");
 
-        Menu menu = Menu.builder().imageUrl(imageUrl).name(requestDto.getName()).build();
+        Menu menu = Menu.builder()
+                .imageUrl(imageUrl)
+                .name(requestDto.getName())
+                .build();
 
         menuRepository.save(menu);