Skip to content

Commit

Permalink
Merge pull request #31 from Triumers/user
Browse files Browse the repository at this point in the history 
[Feature] 유저 권한 헤더에 추가 및 권한에 관한 SpringSecurity 구현
  • Loading branch information
@noctesilente
noctesilente authored Apr 16, 2024
2 parents fcbda63 + 348c06b commit f174c26
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
3 changes: 1 addition & 2 deletions src/main/java/org/triumers/newsnippetback/common/config/SecurityConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,8 +95,7 @@ public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
//경로별 인가 작업
http.authorizeHttpRequests((auth) -> auth
.requestMatchers("/auth/signup").permitAll()
.requestMatchers("/**").permitAll()
.requestMatchers(("/manager")).hasAnyRole("MANAGER")
.requestMatchers(("/manage")).hasAnyRole("MANAGER")
.requestMatchers("/admin").hasAnyRole("ADMIN")
.anyRequest().authenticated());

Expand Down
1 change: 1 addition & 0 deletions src/main/java/org/triumers/newsnippetback/common/jwt/LoginFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ protected void successfulAuthentication(HttpServletRequest request, HttpServletR
String token = jwtUtil.createJwt(username, role, nickname);

response.addHeader("Authorization", "Bearer " + token);
response.addHeader("UserRole", role.name());
}

@Override
Expand Down

0 comments on commit f174c26

Please sign in to comment.