로그인 기능 추가
This commit is contained in:
@@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||||
import org.springframework.web.cors.CorsConfiguration;
|
import org.springframework.web.cors.CorsConfiguration;
|
||||||
import org.springframework.web.cors.CorsConfigurationSource;
|
import org.springframework.web.cors.CorsConfigurationSource;
|
||||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||||
@@ -26,7 +27,7 @@ public class SecurityConfig {
|
|||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||||
/*
|
|
||||||
http.csrf(csrf -> csrf.disable()) // CSRF 보안 기능 비활성화
|
http.csrf(csrf -> csrf.disable()) // CSRF 보안 기능 비활성화
|
||||||
.sessionManagement(
|
.sessionManagement(
|
||||||
sm ->
|
sm ->
|
||||||
@@ -51,16 +52,7 @@ public class SecurityConfig {
|
|||||||
jwtAuthenticationFilter,
|
jwtAuthenticationFilter,
|
||||||
UsernamePasswordAuthenticationFilter
|
UsernamePasswordAuthenticationFilter
|
||||||
.class) // 요청 들어오면 먼저 JWT 토큰 검사 후 security context 에 사용자 정보 저장.
|
.class) // 요청 들어오면 먼저 JWT 토큰 검사 후 security context 에 사용자 정보 저장.
|
||||||
*/
|
|
||||||
http.csrf(csrf -> csrf.disable())
|
|
||||||
.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
|
||||||
.formLogin(form -> form.disable())
|
|
||||||
.httpBasic(basic -> basic.disable())
|
|
||||||
.logout(logout -> logout.disable())
|
|
||||||
.authenticationProvider(customAuthenticationProvider)
|
|
||||||
.authorizeHttpRequests(
|
|
||||||
auth -> auth.anyRequest().permitAll()
|
|
||||||
);
|
|
||||||
;
|
;
|
||||||
|
|
||||||
return http.build();
|
return http.build();
|
||||||
|
|||||||
@@ -1,12 +1,16 @@
|
|||||||
package com.kamco.cd.kamcoback.config;
|
package com.kamco.cd.kamcoback.config;
|
||||||
|
|
||||||
//@Configuration
|
import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
|
||||||
//@SecurityScheme(
|
import io.swagger.v3.oas.annotations.security.SecurityScheme;
|
||||||
// name = "BearerAuth",
|
import org.springframework.context.annotation.Configuration;
|
||||||
// type = SecuritySchemeType.HTTP,
|
|
||||||
// scheme = "bearer",
|
@Configuration
|
||||||
// bearerFormat = "JWT"
|
@SecurityScheme(
|
||||||
//)
|
name = "BearerAuth",
|
||||||
|
type = SecuritySchemeType.HTTP,
|
||||||
|
scheme = "bearer",
|
||||||
|
bearerFormat = "JWT"
|
||||||
|
)
|
||||||
public class SwaggerConfig {
|
public class SwaggerConfig {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user