Merge pull request #20 from mungtage/feature/#15

Fix : cors요청 수정
mungtage · Oct 20, 2022 · d70dbc0 · d70dbc0
2 parents e308220 + 1cbc8a3
commit d70dbc0
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 25 deletions.
diff --git a/src/main/java/com/example/mungtage/config/CorsConfig.java b/src/main/java/com/example/mungtage/config/CorsConfig.java
@@ -0,0 +1,19 @@
+package com.example.mungtage.config;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+@RequiredArgsConstructor
+public class CorsConfig implements WebMvcConfigurer {
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/**")
+                .allowedOrigins("*")
+                .allowedHeaders("*")
+                .allowedMethods("*")
+                .maxAge(3000);
+    }
+}
diff --git a/src/main/java/com/example/mungtage/config/SecurityConfig.java b/src/main/java/com/example/mungtage/config/SecurityConfig.java
@@ -5,7 +5,6 @@
 import com.example.mungtage.config.oauth.OAuth2SuccessHandler;
 import com.example.mungtage.config.oauth.TokenService;
 import com.example.mungtage.domain.User.UserRepository;
-import com.example.mungtage.domain.User.model.Role;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -17,9 +16,6 @@
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 @Configuration
 @RequiredArgsConstructor
@@ -40,13 +36,11 @@ public PasswordEncoder passwordEncoder() {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.httpBasic().disable()
-                .cors().configurationSource(corsConfigurationSource())
-                .and()
                 .csrf().disable().sessionManagement()
                 .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-                        .and()
-                                .authorizeRequests()
-                .antMatchers("/token/**","/oauth2/authorization/**","/api/v1/oauth").permitAll()
+                .and()
+                .authorizeRequests()
+                .antMatchers("/token/**", "/oauth2/authorization/**", "/api/v1/oauth").permitAll()
                 .anyRequest().authenticated();
 
         http.formLogin().disable()
@@ -56,21 +50,6 @@ protected void configure(HttpSecurity http) throws Exception {
                 .and()
                 .successHandler(oAuth2SuccessHandler);
 
-        http.addFilterBefore(new JwtAuthFilter(tokenService,userRepository), UsernamePasswordAuthenticationFilter.class);
-    }
-
-
-    @Bean
-    public CorsConfigurationSource corsConfigurationSource() {
-        CorsConfiguration configuration = new CorsConfiguration();
-
-        configuration.addAllowedOrigin("*");
-        configuration.addAllowedHeader("*");
-        configuration.addAllowedMethod("*");
-        configuration.setAllowCredentials(true);
-
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        source.registerCorsConfiguration("/**", configuration);
-        return source;
+        http.addFilterBefore(new JwtAuthFilter(tokenService, userRepository), UsernamePasswordAuthenticationFilter.class);
     }
 }