diff --git a/src/main/java/store/itpick/backend/config/SecurityConfig.java b/src/main/java/store/itpick/backend/config/SecurityConfig.java
index 99f491a..aab3300 100644
--- a/src/main/java/store/itpick/backend/config/SecurityConfig.java
+++ b/src/main/java/store/itpick/backend/config/SecurityConfig.java
@@ -1,6 +1,5 @@
 package store.itpick.backend.config;
-
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -33,25 +32,27 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 http
 .csrf(AbstractHttpConfigurer::disable)
-// .cors(withDefaults()) // CORS 설정 추가
+ .cors(withDefaults()) // CORS 설정 추가
 .formLogin(FormLoginConfigurer::disable)
- .sessionManagement((sessionManagement) ->
+ .sessionManagement(sessionManagement ->
 sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
 );
 return http.build();
 }
-// @Bean
-// public CorsFilter corsFilter() {
-// UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-// CorsConfiguration config = new CorsConfiguration();
-// config.setAllowCredentials(true);
-// config.addAllowedOrigin("https://itpick.netlify.app");
-// config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
-// config.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token"));
-// config.setExposedHeaders(Arrays.asList("set-cookie"));
-// source.registerCorsConfiguration("/**", config);
-// return new CorsFilter(source);
-// }
-}
\ No newline at end of file
+ @Bean
+ public CorsFilter corsFilter() {
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ CorsConfiguration config = new CorsConfiguration();
+ config.setAllowCredentials(true);
+ config.addAllowedOrigin("https://itpick.netlify.app");
+ config.addAllowedOrigin("http://localhost:3000");
+ config.addAllowedOrigin("http://localhost:5173");
+ config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
+ config.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token", "Accept", "X-Requested-With"));
+ config.setExposedHeaders(Arrays.asList("Authorization", "location"));
+ source.registerCorsConfiguration("/**", config);
+ return new CorsFilter(source);
+ }
+}
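Review bot: `corsFilter()` hard-codes the development origins `http://localhost:3000` and `http://localhost:5173` beside the production origin while `setAllowCredentials(true)` is set, so every deployment, production included, lets pages served from those localhost ports make credentialed cross-origin calls and read the exposed `Authorization` header. The origin list should come from profile-specific configuration: replace the three `addAllowedOrigin` calls with `config.setAllowedOrigins(allowedOrigins);`, where `allowedOrigins` is an injected list (placeholder name) that contains the localhost entries only in a dev profile. Because `csrf` is disabled in `filterChain`, this matters most if any endpoint authenticates by cookie rather than by the `Authorization` header, which the diff does not show. Separately, `.cors(withDefaults())` already picks up a bean named `corsFilter`, and if this is a Spring Boot application every `Filter` bean is also registered with the servlet container, so the filter probably runs twice per request; exposing a `CorsConfigurationSource` bean instead would avoid that. `corsFilter()` is fully inside the hunk, but the imports it relies on and the annotations on `filterChain` are outside it.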
diff --git a/src/main/java/store/itpick/backend/config/WebConfig.java b/src/main/java/store/itpick/backend/config/WebConfig.java
index 1fc938d..a41d41f 100644
--- a/src/main/java/store/itpick/backend/config/WebConfig.java
+++ b/src/main/java/store/itpick/backend/config/WebConfig.java
@@ -41,16 +41,16 @@ public void addArgumentResolvers(List resolvers)
- @Override
- public void addCorsMappings(CorsRegistry registry) {
- registry.addMapping("/**")
- .allowedOriginPatterns("http://localhost:3000", "http://localhost:5173", "https://localhost:5173",
- "https://itpick.netlify.app")
- .allowedMethods("GET", "POST", "PUT", "DELETE", "PATCH","OPTIONS")
- .exposedHeaders("location", "Authorization")
- .allowedHeaders("Content-Type", "Authorization", "X-Requested-With", "Accept")
- .allowCredentials(true);
- }
+// @Override
+// public void addCorsMappings(CorsRegistry registry) {
+// registry.addMapping("/**")
+// .allowedOriginPatterns("http://localhost:3000", "http://localhost:5173", "https://localhost:5173",
+// "https://itpick.netlify.app")
+// .allowedMethods("GET", "POST", "PUT", "DELETE", "PATCH","OPTIONS")
+// .exposedHeaders("location", "Authorization")
+// .allowedHeaders("Content-Type", "Authorization", "X-Requested-With", "Accept")
+// .allowCredentials(true);
+// }