Skip to content

Commit

Permalink
refactor : SecurityConfig 리팩토링 (#111)
Browse files Browse the repository at this point in the history
  • Loading branch information
choidongkuen committed Jan 17, 2024
1 parent 0581102 commit bbab74f
Showing 1 changed file with 9 additions and 5 deletions.
14 changes: 9 additions & 5 deletions src/main/java/net/teumteum/core/security/SecurityConfig.java
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,8 @@
@RequiredArgsConstructor
public class SecurityConfig {

private static final String[] PATTERNS = {"/css/**", "/images/**", "/js/**", "/favicon.ico", "/h2-console/**",
"/logins/**"};
private static final String[] PATTERNS = {"/css/**", "/images/**", "/js/**", "/favicon.ico/**", "/h2-console/**",
"/logins/**", "/auth/**"};

private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
private final JwtAccessDeniedHandler accessDeniedHandler;
Expand All @@ -38,14 +38,18 @@ public class SecurityConfig {
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return web -> web.ignoring()
.requestMatchers("/css/**", "/js/**", "/img/**", "/favicon.ico", "/error");
.requestMatchers("/css/**", "/js/**",
"/favicon.ico", "/resources/**"

);
}


@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.csrf(AbstractHttpConfigurer::disable).cors(cors -> cors.configurationSource(corsConfigurationSource()))
.authorizeHttpRequests(request -> request.requestMatchers("/auth/**", "/logins/**").permitAll()
.requestMatchers(HttpMethod.POST, "/users/registers").permitAll().requestMatchers(PATTERNS).permitAll()
.authorizeHttpRequests(request -> request.requestMatchers(PATTERNS).permitAll()
.requestMatchers(HttpMethod.POST, "/users/registers").permitAll()
.anyRequest().authenticated()).httpBasic(AbstractHttpConfigurer::disable)
.formLogin(AbstractHttpConfigurer::disable)
.sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(STATELESS))
Expand Down

0 comments on commit bbab74f

Please sign in to comment.