
Commit f3a3d86

authored
[DDING-000] 람다 트리깅 인증 규칙 수정 (#198)
1 parent 8375dbd commit f3a3d86


2 files changed

+55
-52
lines changed


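--- a/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
+++ b/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
@@ -1,6 +1,7 @@
 package ddingdong.ddingdongBE.common.config;
 
 import static org.springframework.http.HttpMethod.GET;
+import static org.springframework.http.HttpMethod.POST;
 
 import ddingdong.ddingdongBE.auth.service.JwtAuthService;
 import ddingdong.ddingdongBE.common.filter.JwtAuthenticationFilter;
@@ -33,57 +34,58 @@ public class SecurityConfig {
 public SecurityFilterChain filterChain(HttpSecurity http, JwtAuthService authService, JwtConfig config)
 throws Exception {
 http
-.authorizeHttpRequests(auth -> auth
-.requestMatchers(API_PREFIX + "/auth/**",
-API_PREFIX + "/events/**")
-.permitAll()
-.requestMatchers(API_PREFIX + "/admin/**").hasRole("ADMIN")
-.requestMatchers(API_PREFIX + "/central/**").hasRole("CLUB")
-.requestMatchers(actuatorPath).hasRole("ADMIN")
-.requestMatchers(GET,
-API_PREFIX + "/clubs/**",
-API_PREFIX + "/notices/**",
-API_PREFIX + "/banners/**",
-API_PREFIX + "/documents/**",
-API_PREFIX + "/questions/**",
-API_PREFIX + "/feeds/**",
-API_PREFIX + "/internal/**")
-.permitAll()
-.requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**")
-.permitAll()
-.anyRequest()
-.authenticated()
-)
-.cors(cors -> cors
-.configurationSource(corsConfigurationSource())
-)
-/*
-csrf, headers, http-basic, rememberMe, formLogin 비활성화
-*/
-.csrf(AbstractHttpConfigurer::disable)
-.headers(AbstractHttpConfigurer::disable)
-.httpBasic(AbstractHttpConfigurer::disable)
-.rememberMe(AbstractHttpConfigurer::disable)
-.formLogin(AbstractHttpConfigurer::disable)
-.logout(AbstractHttpConfigurer::disable)
-/*
-Session 설정
-*/
-.sessionManagement(session -> session
-.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-)
-/*
-Jwt 필터
-*/
-.addFilterBefore(authenticationFilter(authService, config),
-UsernamePasswordAuthenticationFilter.class)
-/*
-exceptionHandling
-*/
-.exceptionHandling(exceptions -> exceptions
-.authenticationEntryPoint(restAuthenticationEntryPoint())
-.accessDeniedHandler(accessDeniedHandler())
-);
+.authorizeHttpRequests(auth -> auth
+.requestMatchers(API_PREFIX + "/auth/**",
+API_PREFIX + "/events/**")
+.permitAll()
+.requestMatchers(API_PREFIX + "/admin/**").hasRole("ADMIN")
+.requestMatchers(API_PREFIX + "/central/**").hasRole("CLUB")
+.requestMatchers(actuatorPath).hasRole("ADMIN")
+.requestMatchers(GET,
+API_PREFIX + "/clubs/**",
+API_PREFIX + "/notices/**",
+API_PREFIX + "/banners/**",
+API_PREFIX + "/documents/**",
+API_PREFIX + "/questions/**",
+API_PREFIX + "/feeds/**")
+.permitAll()
+.requestMatchers(POST, API_PREFIX + "/internal/**")
+.permitAll()
+.requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**")
+.permitAll()
+.anyRequest()
+.authenticated()
+)
+.cors(cors -> cors
+.configurationSource(corsConfigurationSource())
+)
+/*
+csrf, headers, http-basic, rememberMe, formLogin 비활성화
+*/
+.csrf(AbstractHttpConfigurer::disable)
+.headers(AbstractHttpConfigurer::disable)
+.httpBasic(AbstractHttpConfigurer::disable)
+.rememberMe(AbstractHttpConfigurer::disable)
+.formLogin(AbstractHttpConfigurer::disable)
+.logout(AbstractHttpConfigurer::disable)
+/*
+Session 설정
+*/
+.sessionManagement(session -> session
+.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+)
+/*
+Jwt 필터
+*/
+.addFilterBefore(authenticationFilter(authService, config),
+UsernamePasswordAuthenticationFilter.class)
+/*
+exceptionHandling
+*/
+.exceptionHandling(exceptions -> exceptions
+.authenticationEntryPoint(restAuthenticationEntryPoint())
+.accessDeniedHandler(accessDeniedHandler())
+);
 
 return http.build();
 }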
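Review bot: POST requests to `API_PREFIX + "/internal/**"` are still matched with `.permitAll()`, so any caller that can reach the server can invoke the internal routes without a token; narrowing the method from GET to POST does not authenticate the Lambda caller. Unless reachability is restricted outside this file (not visible here), the rule should require a credential the caller presents, for example `.requestMatchers(POST, API_PREFIX + "/internal/**").hasRole("INTERNAL")`, where `INTERNAL` is a placeholder role name that the JWT filter would have to grant to the Lambda's token. If the open rule is intentional, a comment directly above it should state which control protects the route. GET on `/internal/**` now falls through to `.anyRequest().authenticated()`, which is stricter than before. The class body and the definitions of `API_PREFIX` and `actuatorPath` lie outside the hunk.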

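--- a/src/main/java/ddingdong/ddingdongBE/domain/vodprocessing/controller/VodProcessingJobController.java
+++ b/src/main/java/ddingdong/ddingdongBE/domain/vodprocessing/controller/VodProcessingJobController.java
@@ -5,6 +5,7 @@
 import io.swagger.v3.oas.annotations.Hidden;
 import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -17,7 +18,7 @@ public class VodProcessingJobController {
 private final FacadeVodProcessingJobService facadeVodProcessingJobService;
 
 @PostMapping()
-public void createPending(CreatePendingVodProcessingJobRequest request) {
+public void createPending(@RequestBody CreatePendingVodProcessingJobRequest request) {
 facadeVodProcessingJobService.create(request.toCommand());
 }
 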
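Review bot: `createPending` passes the deserialized body straight to `request.toCommand()` with no `@Valid`, so any Bean Validation constraints on `CreatePendingVodProcessingJobRequest` (the DTO is not visible here) would not be enforced. If this controller is the Lambda-triggered route that SecurityConfig opens to unauthenticated POSTs (the class-level mapping is outside the hunk, so this is inferred), body validation is the only input check before a job is created. Consider `public void createPending(@Valid @RequestBody CreatePendingVodProcessingJobRequest request) {` together with constraints on the DTO fields.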
