Merge pull request '비밀번호 변경 security 로직 수정' (#122) from feat/training_260202 into develop

Reviewed-on: #122
2026-02-20 11:37:08 +09:00
parent 5f62f4a209 ad421e3c74
commit ae3601cff5
2 changed files with 4 additions and 3 deletions
--- a/src/main/java/com/kamco/cd/training/auth/JwtAuthenticationFilter.java
+++ b/src/main/java/com/kamco/cd/training/auth/JwtAuthenticationFilter.java
@@ -23,7 +23,8 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
  private final UserDetailsService userDetailsService;
  private static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();
  private static final String[] EXCLUDE_PATHS = {
-    "/api/auth/signin", "/api/auth/refresh", "/api/auth/logout", "/api/members/*/password"
+    //    "/api/auth/signin", "/api/auth/refresh", "/api/auth/logout", "/api/members/*/password"
+    "/api/auth/signin", "/api/auth/refresh", "/api/auth/logout"
  };

  @Override
--- a/src/main/java/com/kamco/cd/training/config/SecurityConfig.java
+++ b/src/main/java/com/kamco/cd/training/config/SecurityConfig.java
@@ -76,13 +76,13 @@ public class SecurityConfig {
                        "/api/auth/logout",
                        "/swagger-ui/**",
                        "/v3/api-docs/**",
-                        "/api/members/*/password",
                        "/api/upload/chunk-upload-dataset",
                        "/api/upload/chunk-upload-complete",
                        "/download_progress_test.html",
                        "/api/models/download/**")
                    .permitAll()
-
+                    .requestMatchers("/api/members/*/password")
+                    .authenticated()
                    // default
                    .anyRequest()
                    .authenticated())