Merge pull request #130 from yooonwodyd/weekly

refactor:[#84]- refact Security
kakao-tech-campus-2nd-step3 · Nov 15, 2024 · 2c76231 · 2c76231
2 parents f048aed + 0e4a239
commit 2c76231
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 12 deletions.
diff --git a/src/main/java/com/helpmeCookies/global/config/WebConfig.java b/src/main/java/com/helpmeCookies/global/config/WebConfig.java
@@ -1,19 +1,18 @@
 package com.helpmeCookies.global.config;
-import java.util.List;
-import lombok.RequiredArgsConstructor;
+
+
 import org.springframework.context.annotation.Configuration;
-import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
 @Configuration
-@RequiredArgsConstructor
 public class WebConfig implements WebMvcConfigurer {
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**")
-            .allowedOriginPatterns("http://1.618.s3-website.ap-northeast-2.amazonaws.com/") // 허용할 도메인 (모든 도메인 허용: "*")
-            .allowedMethods("*") // 허용할 HTTP 메서드
-            .allowedHeaders("*") // 허용할 헤더
-            .allowCredentials(true); // 인증 정보 허용 여부
-    }
+	@Override
+	public void addCorsMappings(CorsRegistry registry) {
+		registry.addMapping("/**")
+			.allowedOrigins("http://1.618.s3-website.ap-northeast-2.amazonaws.com", "http://localhost:3000")
+			.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+			.allowedHeaders("Authorization", "Content-Type", "X-Requested-With", "accept", "Origin", "Access-Control-Request-Method", "Access-Control-Request-Headers")
+			.allowCredentials(true);
+	}
 }
diff --git a/src/main/java/com/helpmeCookies/global/security/CorsLoggingFilter.java b/src/main/java/com/helpmeCookies/global/security/CorsLoggingFilter.java
@@ -0,0 +1,42 @@
+package com.helpmeCookies.global.security;
+
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+@Component
+public class CorsLoggingFilter extends OncePerRequestFilter {
+
+	private static final Logger logger = LoggerFactory.getLogger(CorsLoggingFilter.class);
+
+	@Override
+	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+		throws ServletException, IOException {
+
+		// 요청 헤더 로깅
+		String origin = request.getHeader("Origin");
+		if (origin != null) {
+			logger.info("Request Origin Header: {}", origin);
+		}
+
+		// 필터 체인을 통해 요청 처리
+		filterChain.doFilter(request, response);
+
+		// 응답 헤더 로깅
+		logger.info("Response Headers:");
+		response.getHeaderNames().forEach(headerName -> {
+			String headerValue = response.getHeader(headerName);
+			logger.info("{}: {}", headerName, headerValue);
+		});
+	}
+}