refactor: Modify SecurityConfig (#3)

GDSC-SWU · Nov 16, 2023 · 06917bc · 06917bc
1 parent 324dc22
commit 06917bc
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/server-toy-project/src/main/java/com/gdsc_teamb/servertoyproject/jwt/SecurityConfig.java b/server-toy-project/src/main/java/com/gdsc_teamb/servertoyproject/jwt/SecurityConfig.java
@@ -24,7 +24,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
         http
                 .httpBasic(AbstractHttpConfigurer::disable) // rest api 이므로 basic auth 및 csrf 보안을 사용 X
                 .csrf(AbstractHttpConfigurer::disable)
-                .sessionManagement(config -> config.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // 세션 사용 X
+                .sessionManagement(config -> config.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // JWT 사용 -> 세션 사용 X
                 .authorizeRequests()
                 .requestMatchers(new AntPathRequestMatcher("/members/login")).permitAll()    // 모든 요청 허가
                 .requestMatchers(new AntPathRequestMatcher("/members/test")).hasRole("USER") // USER 권한 확인
@@ -36,6 +36,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
 
     @Bean
     public PasswordEncoder passwordEncoder() {
+        // BCrypt Encoder 사용
         return PasswordEncoderFactories.createDelegatingPasswordEncoder();
     }
 }