feat: cors 설정 (#102)

rjswjddn · web-flow · commit b0bb3b1a85bb · 2025-07-29T17:12:55.000+09:00
diff --git a/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java b/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java
@@ -2,13 +2,18 @@
 
 import static org.springframework.security.config.Customizer.*;
 
+import java.util.List;
+
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 import lombok.RequiredArgsConstructor;
 
@@ -23,7 +28,7 @@ public class SecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         return http
                 .csrf(csrf -> csrf.disable())
-                .cors(cors -> cors.disable())
+                .cors(cors -> cors.configurationSource(corsConfigurationSource()))
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers(
                                 "/api/auth/guest",
@@ -51,4 +56,17 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .logout(withDefaults())
                 .build();
     }
+
+    @Bean
+    public CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration configuration = new CorsConfiguration();
+        configuration.setAllowCredentials(true);
+        configuration.setAllowedOriginPatterns(List.of("*"));
+        configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+        configuration.setAllowedHeaders(List.of("*"));
+
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", configuration);
+        return source;
+    }
 }
diff --git a/src/main/java/com/oronaminc/join/websocket/handshake/CustomHandshakeHandler.java b/src/main/java/com/oronaminc/join/websocket/handshake/CustomHandshakeHandler.java
@@ -58,5 +58,4 @@ protected Principal determineUser(ServerHttpRequest request, WebSocketHandler ws
         // fallback 경로로 전송
         return null;
     }
-
 }

Original file line number	Diff line number	Diff line change
`@@ -58,5 +58,4 @@ protected Principal determineUser(ServerHttpRequest request, WebSocketHandler ws`
`58`	`58`	`// fallback 경로로 전송`
`59`	`59`	`return null;`
`60`	`60`	`}`
`61`		`-`
`62`	`61`	`}`