diff --git a/src/main/java/com/example/mungtage/config/CorsConfig.java b/src/main/java/com/example/mungtage/config/CorsConfig.java new file mode 100644 index 0000000..9f5b95a --- /dev/null +++ b/src/main/java/com/example/mungtage/config/CorsConfig.java @@ -0,0 +1,19 @@ +package com.example.mungtage.config; + +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +@RequiredArgsConstructor +public class CorsConfig implements WebMvcConfigurer { + @Override + public void addCorsMappings(CorsRegistry registry) { + registry.addMapping("/**") + .allowedOrigins("*") + .allowedHeaders("*") + .allowedMethods("*") + .maxAge(3000); + } +} diff --git a/src/main/java/com/example/mungtage/config/SecurityConfig.java b/src/main/java/com/example/mungtage/config/SecurityConfig.java index 109c1ef..27b5f21 100644 --- a/src/main/java/com/example/mungtage/config/SecurityConfig.java +++ b/src/main/java/com/example/mungtage/config/SecurityConfig.java @@ -5,7 +5,6 @@ import com.example.mungtage.config.oauth.OAuth2SuccessHandler; import com.example.mungtage.config.oauth.TokenService; import com.example.mungtage.domain.User.UserRepository; -import com.example.mungtage.domain.User.model.Role; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -17,9 +16,6 @@ import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.web.cors.CorsConfiguration; -import org.springframework.web.cors.CorsConfigurationSource; -import org.springframework.web.cors.UrlBasedCorsConfigurationSource; @Configuration @RequiredArgsConstructor @@ -40,13 +36,11 @@ public PasswordEncoder passwordEncoder() { @Override protected void configure(HttpSecurity http) throws Exception { http.httpBasic().disable() - .cors().configurationSource(corsConfigurationSource()) - .and() .csrf().disable().sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS) - .and() - .authorizeRequests() - .antMatchers("/token/**","/oauth2/authorization/**","/api/v1/oauth").permitAll() + .and() + .authorizeRequests() + .antMatchers("/token/**", "/oauth2/authorization/**", "/api/v1/oauth").permitAll() .anyRequest().authenticated(); http.formLogin().disable() @@ -56,21 +50,6 @@ protected void configure(HttpSecurity http) throws Exception { .and() .successHandler(oAuth2SuccessHandler); - http.addFilterBefore(new JwtAuthFilter(tokenService,userRepository), UsernamePasswordAuthenticationFilter.class); - } - - - @Bean - public CorsConfigurationSource corsConfigurationSource() { - CorsConfiguration configuration = new CorsConfiguration(); - - configuration.addAllowedOrigin("*"); - configuration.addAllowedHeader("*"); - configuration.addAllowedMethod("*"); - configuration.setAllowCredentials(true); - - UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - source.registerCorsConfiguration("/**", configuration); - return source; + http.addFilterBefore(new JwtAuthFilter(tokenService, userRepository), UsernamePasswordAuthenticationFilter.class); } }