로그인 기능 추가

2025-12-04 18:07:42 +09:00
parent 7deff52a53
commit 1dcc0fff6c
2 changed files with 14 additions and 18 deletions
--- a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
@@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@@ -26,7 +27,7 @@ public class SecurityConfig {

  @Bean
  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-    /*
+
    http.csrf(csrf -> csrf.disable()) // CSRF 보안 기능 비활성화
      .sessionManagement(
        sm ->
@@ -51,16 +52,7 @@ public class SecurityConfig {
        jwtAuthenticationFilter,
        UsernamePasswordAuthenticationFilter
          .class) // 요청 들어오면 먼저 JWT 토큰 검사 후 security context 에 사용자 정보 저장.
-*/
-    http.csrf(csrf -> csrf.disable())
-      .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-      .formLogin(form -> form.disable())
-      .httpBasic(basic -> basic.disable())
-      .logout(logout -> logout.disable())
-      .authenticationProvider(customAuthenticationProvider)
-      .authorizeHttpRequests(
-        auth -> auth.anyRequest().permitAll()
-      );
+
    ;

    return http.build();
--- a/src/main/java/com/kamco/cd/kamcoback/config/SwaggerConfig.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/SwaggerConfig.java
@@ -1,12 +1,16 @@
 package com.kamco.cd.kamcoback.config;

-//@Configuration
-//@SecurityScheme(
-//  name = "BearerAuth",
-//  type = SecuritySchemeType.HTTP,
-//  scheme = "bearer",
-//  bearerFormat = "JWT"
-//)
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@SecurityScheme(
+  name = "BearerAuth",
+  type = SecuritySchemeType.HTTP,
+  scheme = "bearer",
+  bearerFormat = "JWT"
+)
 public class SwaggerConfig {

 }