Skip to content

Commit 060098a

Browse files
ninw0205ninw0205
authored
Merge pull request #71 from Gachigage/chore/server-setting-fix
[chore] Dev 버전 시 로컬 프론트 cors 매핑 추가2
2 parents 673ad4b + 0d13088 commit 060098a

File tree

1 file changed

+30
-0
lines changed

1 file changed

+30
-0
lines changed

src/main/java/com/gachigage/global/config/SecurityConfig.java

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,12 @@
11
package com.gachigage.global.config;
22

3+
import java.util.Arrays;
4+
import java.util.Collections;
5+
import java.util.Optional;
6+
37
import org.springframework.context.annotation.Bean;
48
import org.springframework.context.annotation.Configuration;
9+
import org.springframework.context.annotation.Profile;
510
import org.springframework.http.HttpMethod;
611
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
712
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -10,6 +15,9 @@
1015
import org.springframework.security.web.SecurityFilterChain;
1116
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
1217
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
18+
import org.springframework.web.cors.CorsConfiguration;
19+
import org.springframework.web.cors.CorsConfigurationSource;
20+
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
1321

1422
import com.gachigage.global.login.service.CustomOAuth2UserService;
1523

@@ -25,7 +33,15 @@ public class SecurityConfig {
2533

2634
@Bean
2735
public SecurityFilterChain securityFilterChain(HttpSecurity http,
36+
Optional<CorsConfigurationSource> corsConfigurationSource,
2837
CustomAuthenticationEntryPoint customAuthenticationEntryPoint) throws Exception {
38+
39+
if (corsConfigurationSource.isPresent()) {
40+
http.cors(cors -> cors.configurationSource(corsConfigurationSource.get()));
41+
} else {
42+
http.cors(AbstractHttpConfigurer::disable); // prod 등 빈이 없는 경우 CORS 비활성화
43+
}
44+
2945
http.csrf(AbstractHttpConfigurer::disable)
3046
.formLogin(AbstractHttpConfigurer::disable)
3147
.httpBasic(AbstractHttpConfigurer::disable)
@@ -51,4 +67,18 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http,
5167

5268
return http.build();
5369
}
70+
71+
@Bean
72+
@Profile("dev")
73+
public CorsConfigurationSource corsConfigurationSource() {
74+
CorsConfiguration configuration = new CorsConfiguration();
75+
configuration.setAllowedOriginPatterns(Collections.singletonList("http://localhost:3000"));
76+
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS"));
77+
configuration.setAllowedHeaders(Collections.singletonList("*"));
78+
configuration.setAllowCredentials(true);
79+
80+
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
81+
source.registerCorsConfiguration("/**", configuration);
82+
return source;
83+
}
5484
}

0 commit comments

Comments
 (0)