joungmin/tasteby
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix CORS: allow tasteby.net origin and integrate with Spring Security

Browse Source 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
joungmin
2026-03-09 20:30:54 +09:00
parent 6d05be2331
commit a844fd44cc
3 changed files with 20 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
backend-java/src/main/java/com/tasteby/config/SecurityConfig.java
View File

@@ -24,6 +24,7 @@ public class SecurityConfig {
@Bean @Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.cors(cors -> {})
.csrf(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable)
.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(auth -> auth .authorizeHttpRequests(auth -> auth

26
backend-java/src/main/java/com/tasteby/config/WebConfig.java
View File

@@ -1,22 +1,32 @@
package com.tasteby.config; package com.tasteby.config;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.Arrays;
import java.util.List;
@Configuration @Configuration
public class WebConfig implements WebMvcConfigurer { public class WebConfig implements WebMvcConfigurer {
@Value("${app.cors.allowed-origins}") @Value("${app.cors.allowed-origins}")
private String allowedOrigins; private String allowedOrigins;
@Override @Bean
public void addCorsMappings(CorsRegistry registry) { public CorsConfigurationSource corsConfigurationSource() {
registry.addMapping("/api/**") CorsConfiguration config = new CorsConfiguration();
.allowedOrigins(allowedOrigins.split(",")) config.setAllowedOrigins(Arrays.asList(allowedOrigins.split(",")));
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
.allowedHeaders("*") config.setAllowedHeaders(List.of("*"));
.allowCredentials(true); config.setAllowCredentials(true);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/api/**", config);
return source;
} }
} }

2
backend-java/src/main/resources/application.yml
View File

@@ -38,7 +38,7 @@ app:
expiration-days: 7 expiration-days: 7
cors: cors:
allowed-origins: http://localhost:3000,http://localhost:3001 allowed-origins: http://localhost:3000,http://localhost:3001,https://www.tasteby.net,https://tasteby.net
oracle: oracle:
wallet-path: ${ORACLE_WALLET:} wallet-path: ${ORACLE_WALLET:}