11package com .back .global .security ;
22
3+ import com .back .global .rsData .RsData ;
4+ import com .fasterxml .jackson .databind .ObjectMapper ;
35import org .springframework .beans .factory .annotation .Value ;
46import org .springframework .context .annotation .Bean ;
57import org .springframework .context .annotation .Configuration ;
1719
1820import java .util .Arrays ;
1921
22+ import static org .springframework .http .HttpMethod .GET ;
23+ import static org .springframework .http .HttpMethod .POST ;
24+
2025@ Configuration
2126@ EnableWebSecurity
2227@ EnableMethodSecurity
@@ -60,16 +65,15 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
6065 .authorizeHttpRequests (auth -> auth
6166
6267
63- .requestMatchers ("/user/auth/logout" ).authenticated ()
64- /*
6568 .requestMatchers ("/" ).permitAll ()
66- .requestMatchers("/h2-console/**").permitAll()
6769 .requestMatchers ("/actuator/**" ).permitAll ()
6870 .requestMatchers ("/oauth2/**" ).permitAll ()
6971 .requestMatchers ("/login/oauth2/**" ).permitAll ()
70- .requestMatchers("/swagger-ui/**", "/api-docs/**").permitAll()
7172 .requestMatchers ("/user/auth/refresh" ).permitAll ()
7273
74+ // share은 인증 필요
75+ .requestMatchers (GET , "/cocktails/{id}/share" ).authenticated ()
76+
7377 // 권한 불필요 - 조회 API
7478 .requestMatchers (GET , "/cocktails/**" ).permitAll ()
7579 .requestMatchers (POST , "/cocktails/search" ).permitAll ()
@@ -79,14 +83,15 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
7983 .requestMatchers (GET , "/posts/{postId}/comments/{commentId}" ).permitAll ()
8084 .requestMatchers (GET , "/cocktails/{cocktailId}/comments" ).permitAll ()
8185 .requestMatchers (GET , "/cocktails/{cocktailId}/comments/{cocktailCommentId}" ).permitAll ()
86+ .requestMatchers (GET , "/category" ).permitAll ()
8287
83- // 회원 or 인증된 사용자만 가능
84- .requestMatchers("/admin/**").hasRole("ADMIN")
8588 // 나머지 모든 API는 인증 필요
8689 .anyRequest ().authenticated ()
87- */
88- // 개발 편의성을 위해 모든 요청 허용
89- .anyRequest ().permitAll ()
90+
91+
92+ // 회원 or 인증된 사용자만 가능
93+ // .requestMatchers("/admin/**").hasRole("ADMIN")
94+
9095 )
9196 .formLogin (AbstractHttpConfigurer ::disable )
9297 .httpBasic (AbstractHttpConfigurer ::disable )
@@ -104,12 +109,19 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
104109 .authenticationEntryPoint ((request , response , authException ) -> {
105110 response .setContentType ("application/json;charset=UTF-8" );
106111 response .setStatus (401 );
107- response .getWriter ().write ("{\" code\" :401,\" message\" :\" 로그인 후 이용해주세요.\" }" );
112+
113+ RsData <Void > rsData = RsData .of (401 , "로그인 후 이용해주세요." );
114+
115+ ObjectMapper mapper = new ObjectMapper ();
116+ response .getWriter ().write (mapper .writeValueAsString (rsData ));
108117 })
109118 .accessDeniedHandler ((request , response , accessDeniedException ) -> {
110119 response .setContentType ("application/json;charset=UTF-8" );
111120 response .setStatus (403 );
112- response .getWriter ().write ("{\" code\" :403,\" message\" :\" 권한이 없습니다.\" }" );
121+ RsData <Void > rsData = RsData .of (403 , "권한이 없습니다." );
122+
123+ ObjectMapper mapper = new ObjectMapper ();
124+ response .getWriter ().write (mapper .writeValueAsString (rsData ));
113125 })
114126 )
115127 .headers (headers -> headers .frameOptions (HeadersConfigurer .FrameOptionsConfig ::sameOrigin ));
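Review bot: The `/admin/**` → `hasRole("ADMIN")` rule is left commented out and sits after `.anyRequest().authenticated()`, so with the catch-all now active every `/admin/**` endpoint is reachable by any authenticated user unless each admin handler is separately guarded with method security (`@EnableMethodSecurity` is on, but no such annotations are visible here); uncommenting it in place would not help either, since Spring Security rejects a `requestMatchers` registered after `anyRequest()`. Restore the rule and move it above the catch-all: `.requestMatchers("/admin/**").hasRole("ADMIN")` immediately before `.anyRequest().authenticated()`. The new `GET /cocktails/{id}/share` → `authenticated()` line is correctly placed ahead of the `GET /cocktails/**` permitAll, since the first matching rule wins. In the 401/403 handlers a fresh `ObjectMapper` is constructed per response; injecting the Spring-managed `ObjectMapper` (or holding one `static final`) keeps the error body serialized the same way as the rest of the API. `filterChain` begins and ends outside the visible hunks.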