
Commit 9ae890e

authored
Merge branch 'main' into chore#347
2 parents 809dc20 + dc6e669 commit 9ae890e


2 files changed

+21
-13
lines changed


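--- a/src/main/java/com/back/domain/user/controller/UserAuthController.java
+++ b/src/main/java/com/back/domain/user/controller/UserAuthController.java
@@ -57,6 +57,7 @@ public RsData<Void> logout(HttpServletRequest request, HttpServletResponse respo
 @ApiResponses(value = {
 @ApiResponse(responseCode = "200", description = "사용자 정보 조회"),
 })
+
 @GetMapping("/me")
 public RsData<UserMeResDto> getCurrentUser() {
 UserMeResDto userInfo = userAuthService.getCurrentUser();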

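--- a/src/main/java/com/back/global/security/SecurityConfig.java
+++ b/src/main/java/com/back/global/security/SecurityConfig.java
@@ -1,5 +1,7 @@
 package com.back.global.security;
 
+import com.back.global.rsData.RsData;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -76,18 +78,16 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .requestMatchers(GET, "/").permitAll()
 .requestMatchers(GET, "/actuator/**").permitAll()
 
-.requestMatchers(GET, "/cocktails/**").permitAll()
+.requestMatchers(GET, "/posts").permitAll()
+.requestMatchers(GET, "/posts/{postId}").permitAll()
+.requestMatchers(GET, "/posts/{postId}/comments").permitAll()
+.requestMatchers(GET, "/posts/{postId}/comments/{commentId}").permitAll()
+.requestMatchers(GET, "/cocktails/{cocktailId}/comments").permitAll()
+.requestMatchers(GET, "/cocktails/{cocktailId}/comments/{cocktailCommentId}").permitAll()
+.requestMatchers(GET, "/category").permitAll()
 
-.requestMatchers(GET, "/posts").permitAll()
-.requestMatchers(GET, "/posts/{postId}").permitAll()
-.requestMatchers(GET, "/posts/{postId}/comments").permitAll()
-.requestMatchers(GET, "/posts/{postId}/comments/{commentId}").permitAll()
-.requestMatchers(GET, "/cocktails/{cocktailId}/comments").permitAll()
-.requestMatchers(GET, "/cocktails/{cocktailId}/comments/{cocktailCommentId}").permitAll()
-.requestMatchers(GET, "/category").permitAll()
-
-// 나머지 모든 API는 인증 필요
-.anyRequest().authenticated()
+// 나머지 모든 API는 인증 필요
+.anyRequest().authenticated()
 
 
 // 회원 or 인증된 사용자만 가능
@@ -110,12 +110,19 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .authenticationEntryPoint((request, response, authException) -> {
 response.setContentType("application/json;charset=UTF-8");
 response.setStatus(401);
-response.getWriter().write("{\"code\":401,\"message\":\"로그인 후 이용해주세요.\"}");
+
+RsData<Void> rsData = RsData.of(401, "로그인 후 이용해주세요.");
+
+ObjectMapper mapper = new ObjectMapper();
+response.getWriter().write(mapper.writeValueAsString(rsData));
 })
 .accessDeniedHandler((request, response, accessDeniedException) -> {
 response.setContentType("application/json;charset=UTF-8");
 response.setStatus(403);
-response.getWriter().write("{\"code\":403,\"message\":\"권한이 없습니다.\"}");
+RsData<Void> rsData = RsData.of(403, "권한이 없습니다.");
+
+ObjectMapper mapper = new ObjectMapper();
+response.getWriter().write(mapper.writeValueAsString(rsData));
 })
 )
 .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin));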
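Review bot: Both handlers in the last hunk (`authenticationEntryPoint` and `accessDeniedHandler`) construct `new ObjectMapper()` on every rejected request, and that fresh instance is not the application's configured Jackson mapper, so the 401/403 body may be serialized differently from the `RsData` responses the controllers return. Inject the Spring-managed mapper once, for example as a second parameter of `filterChain`, and have both lambdas call `objectMapper.writeValueAsString(rsData)`. The JSON keys are now derived from `RsData` instead of the hard-coded `code`/`message` literal, so a test that pins the field names of the unauthenticated and forbidden responses would confirm clients still see the same contract. `filterChain` starts and ends outside the hunk.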
