11package com .back .global .security ;
22
3+ import com .back .global .rsData .RsData ;
4+ import com .fasterxml .jackson .databind .ObjectMapper ;
35import org .springframework .beans .factory .annotation .Value ;
46import org .springframework .context .annotation .Bean ;
57import org .springframework .context .annotation .Configuration ;
1719
1820import java .util .Arrays ;
1921
22+ import static org .springframework .http .HttpMethod .GET ;
23+ import static org .springframework .http .HttpMethod .POST ;
24+
2025@ Configuration
2126@ EnableWebSecurity
2227@ EnableMethodSecurity
@@ -59,34 +64,38 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
5964 .addFilterBefore (customAuthenticationFilter , UsernamePasswordAuthenticationFilter .class )
6065 .authorizeHttpRequests (auth -> auth
6166
62-
63- .requestMatchers ("/user/auth/logout" ).authenticated ()
64- /*
65- .requestMatchers("/").permitAll()
66- .requestMatchers("/h2-console/**").permitAll()
67- .requestMatchers("/actuator/**").permitAll()
67+ // OAuth, GET POST 둘 다 사용
6868 .requestMatchers ("/oauth2/**" ).permitAll ()
6969 .requestMatchers ("/login/oauth2/**" ).permitAll ()
70- .requestMatchers("/swagger-ui/**", "/api-docs/**").permitAll()
71- .requestMatchers("/user/auth/refresh").permitAll()
70+
71+ //르프레시 갱신 및 칵테일 검색
72+ .requestMatchers (POST , "/user/auth/refresh" ).permitAll ()
73+ .requestMatchers (POST , "/cocktails/search" ).permitAll ()
74+
75+ // share은 인증 필요
76+ .requestMatchers (GET , "/cocktails/{id}/share" ).authenticated ()
7277
7378 // 권한 불필요 - 조회 API
79+ .requestMatchers (GET , "/" ).permitAll ()
80+ .requestMatchers (GET , "/actuator/**" ).permitAll ()
81+
7482 .requestMatchers (GET , "/cocktails/**" ).permitAll ()
75- .requestMatchers(POST, "/cocktails/search").permitAll()
83+
7684 .requestMatchers (GET , "/posts" ).permitAll ()
7785 .requestMatchers (GET , "/posts/{postId}" ).permitAll ()
7886 .requestMatchers (GET , "/posts/{postId}/comments" ).permitAll ()
7987 .requestMatchers (GET , "/posts/{postId}/comments/{commentId}" ).permitAll ()
8088 .requestMatchers (GET , "/cocktails/{cocktailId}/comments" ).permitAll ()
8189 .requestMatchers (GET , "/cocktails/{cocktailId}/comments/{cocktailCommentId}" ).permitAll ()
90+ .requestMatchers (GET , "/category" ).permitAll ()
8291
83- // 회원 or 인증된 사용자만 가능
84- .requestMatchers("/admin/**").hasRole("ADMIN")
8592 // 나머지 모든 API는 인증 필요
8693 .anyRequest ().authenticated ()
87- */
88- // 개발 편의성을 위해 모든 요청 허용
89- .anyRequest ().permitAll ()
94+
95+
96+ // 회원 or 인증된 사용자만 가능
97+ // .requestMatchers("/admin/**").hasRole("ADMIN")
98+
9099 )
91100 .formLogin (AbstractHttpConfigurer ::disable )
92101 .httpBasic (AbstractHttpConfigurer ::disable )
@@ -104,12 +113,19 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
104113 .authenticationEntryPoint ((request , response , authException ) -> {
105114 response .setContentType ("application/json;charset=UTF-8" );
106115 response .setStatus (401 );
107- response .getWriter ().write ("{\" code\" :401,\" message\" :\" 로그인 후 이용해주세요.\" }" );
116+
117+ RsData <Void > rsData = RsData .of (401 , "로그인 후 이용해주세요." );
118+
119+ ObjectMapper mapper = new ObjectMapper ();
120+ response .getWriter ().write (mapper .writeValueAsString (rsData ));
108121 })
109122 .accessDeniedHandler ((request , response , accessDeniedException ) -> {
110123 response .setContentType ("application/json;charset=UTF-8" );
111124 response .setStatus (403 );
112- response .getWriter ().write ("{\" code\" :403,\" message\" :\" 권한이 없습니다.\" }" );
125+ RsData <Void > rsData = RsData .of (403 , "권한이 없습니다." );
126+
127+ ObjectMapper mapper = new ObjectMapper ();
128+ response .getWriter ().write (mapper .writeValueAsString (rsData ));
113129 })
114130 )
115131 .headers (headers -> headers .frameOptions (HeadersConfigurer .FrameOptionsConfig ::sameOrigin ));
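Review bot: `.requestMatchers(GET, "/actuator/**").permitAll()` in the first hunk (new line 80) makes every actuator endpoint that is exposed over the web reachable without authentication, and which endpoints that covers depends on management exposure settings that are not part of this commit. Unless exposure is already limited to health, this should be narrowed, e.g. `.requestMatchers(GET, "/actuator/health", "/actuator/info").permitAll()` followed by `.requestMatchers("/actuator/**").hasRole("ADMIN")`, kept ahead of the broader matchers so first-match ordering keeps them effective. Separately, both handlers in the second hunk construct a new ObjectMapper on every request; a single shared mapper (the Spring-managed ObjectMapper bean, or one static final instance) does the same job without the repeated construction cost and removes the duplicated block. filterChain starts and ends outside both hunks.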