Skip to content

Commit

Permalink
Merge pull request #220 from JNU-econovation/bug/BE-83
Browse files Browse the repository at this point in the history 
[BE-83] 로그인, 회원가입 JwtFilter 안거치게 수정
  • Loading branch information
@LJH098
LJH098 authored Mar 11, 2024
2 parents 6a8e3c9 + a440937 commit 6b9bc25
Showing 1 changed file with 24 additions and 30 deletions.
54 changes: 24 additions & 30 deletions ...Recruit-Api/src/main/java/com/econovation/recruit/api/config/security/SecurityConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,13 @@
import com.econovation.recruitcommon.helper.SpringEnvironmentHelper;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
Expand Down Expand Up @@ -66,36 +68,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
}

http.authorizeRequests()
.mvcMatchers(SwaggerPatterns)
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/applicants/mail")
.permitAll()
.mvcMatchers(HttpMethod.GET, "/api/v1/applicants")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/applicants")
.permitAll()
.mvcMatchers(HttpMethod.GET, "/api/v1/token")
.permitAll()
.mvcMatchers(HttpMethod.GET, "/api/v1/timetables")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/timetables")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/applicants/*/timetables")
.permitAll()
.mvcMatchers(HttpMethod.GET, "/api/v1/applicants/*/timetables")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/questions")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/applicants")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/signup")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/token/refresh")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/login")
.permitAll()
.mvcMatchers(HttpMethod.POST, "/api/v1/register")
.permitAll()
// 면접관 삭제는 회장단 이상부터 가능합니다.
// .mvcMatchers("/**")
// .permitAll()
Expand Down Expand Up @@ -128,4 +100,26 @@ public DefaultWebSecurityExpressionHandler expressionHandler() {
expressionHandler.setRoleHierarchy(roleHierarchy());
return expressionHandler;
}

@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return web ->
web.ignoring()
.antMatchers(SwaggerPatterns)
.antMatchers(HttpMethod.POST, "/api/v1/applicants/mail",
"/api/v1/applicants",
"/api/v1/timetables",
"/api/v1/applicants/*/timetables",
"/api/v1/questions",
"/api/v1/applicants",
"/api/v1/signup",
"/api/v1/token/refresh",
"/api/v1/login",
"/api/v1/register")
.antMatchers(HttpMethod.GET, "/api/v1/applicants",
"/api/v1/token",
"/api/v1/timetables",
"/api/v1/applicants/*/timetables")
.requestMatchers(PathRequest.toStaticResources().atCommonLocations());
}
}

0 comments on commit 6b9bc25

Please sign in to comment.