Skip to content

Commit

Permalink
FIX : cors config
Browse files Browse the repository at this point in the history
  • Loading branch information
gaguriee committed Jul 28, 2024
1 parent 8fef4f5 commit 121cf8a
Showing 1 changed file with 23 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,11 @@
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

import java.util.Arrays;

@RequiredArgsConstructor
@Configuration
Expand All @@ -36,7 +41,7 @@ public class WebSecurityConfig {
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.csrf(AbstractHttpConfigurer::disable)
.cors(AbstractHttpConfigurer::disable) // TODO :: 프론트 배포 뒤 CORS 설정
.cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource()))
.httpBasic(AbstractHttpConfigurer::disable)
.formLogin(AbstractHttpConfigurer::disable)
.logout(AbstractHttpConfigurer::disable)
Expand Down Expand Up @@ -79,4 +84,20 @@ public WebSecurityCustomizer webSecurityCustomizer() {
.requestMatchers("/error", "/favicon.ico", "/swagger-ui/**", "/api-docs/**");

}
}


@Bean
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();

configuration.setAllowedOriginPatterns(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("HEAD", "POST", "GET", "DELETE", "PUT"));
configuration.setAllowedHeaders(Arrays.asList("*"));
configuration.setAllowCredentials(true);

UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}

}

0 comments on commit 121cf8a

Please sign in to comment.