게시판 권한 설정

yoon 2025-02-07 14:05:46 +09:00
parent 7cadf7722d
commit 1a3c1333e3


@ -25,10 +25,8 @@ import io.company.localhost.common.security.service.TokenService;
import io.company.localhost.common.security.service.MemberPrincipalDetailService; import io.company.localhost.common.security.service.MemberPrincipalDetailService;
import io.company.localhost.common.security.session.AuthenticationSessionControlStrategy; import io.company.localhost.common.security.session.AuthenticationSessionControlStrategy;
import io.company.localhost.common.security.session.CustomSessionRegistryImpl; import io.company.localhost.common.security.session.CustomSessionRegistryImpl;
import io.company.localhost.service.NetmemberService;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
@ -56,7 +54,6 @@ public class SecurityConfig {
private final MemberPrincipalDetailService userDetailsService; private final MemberPrincipalDetailService userDetailsService;
private final MemberAuthSuccessHandler successHandler; private final MemberAuthSuccessHandler successHandler;
private final MemberAuthFailureHandler failureHandler; private final MemberAuthFailureHandler failureHandler;
private final NetmemberService netmemberService;
private final AuthorizationManager<RequestAuthorizationContext> authorizationManager; private final AuthorizationManager<RequestAuthorizationContext> authorizationManager;
// 세션 관련 상수 설정 // 세션 관련 상수 설정
@ -82,8 +79,9 @@ public class SecurityConfig {
http http
.securityMatcher("/api/**") // '/api/**' 경로에 대해서만 보안 적용 .securityMatcher("/api/**") // '/api/**' 경로에 대해서만 보안 적용
.authorizeHttpRequests(auth -> .authorizeHttpRequests(auth -> auth
auth.requestMatchers("/api/**").permitAll() // 특정 엔드포인트 허용 .requestMatchers("/api/board/**").hasRole("MEMBER")
.requestMatchers("/api/**").permitAll() // 특정 엔드포인트 허용
.anyRequest().authenticated() // 나머지 요청은 인증 필요 .anyRequest().authenticated() // 나머지 요청은 인증 필요
//auth.anyRequest().access(authorizationManager) // 모든 요청에 대해 권한 관리 //auth.anyRequest().access(authorizationManager) // 모든 요청에 대해 권한 관리
) )
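Review bot: The catch-all `.requestMatchers("/api/**").permitAll()` kept after the new board rule still matches every request this chain handles, because `securityMatcher("/api/**")` already restricts the chain to that prefix; `.anyRequest().authenticated()` is therefore never reached and only `/api/board/**` is actually protected. If deny-by-default is the intent, narrow the permit rule to the endpoints that must stay public, e.g. `.requestMatchers("/api/<public-endpoint>/**").permitAll()`, and let `.anyRequest().authenticated()` cover the rest. Also, `hasRole("MEMBER")` checks for the authority `ROLE_MEMBER`, so confirm that `MemberPrincipalDetailService` grants authorities with that prefix, otherwise every board request will be rejected with 403. A short comment above the rules stating that they are evaluated in order, first match wins, would help the next editor; the enclosing method starts and ends outside this hunk.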