CORS 수정 (#17)

* Test: 테스트용 application.yml 파일 추가

* Feat: Dockerfile 작성

* Refactor: AI 요구사항에 맞게 코드 수정

* Fix: H2 관련 설정 삭제

* Refactor: 식당 ID를 반환하도록 추가

* Refactor: AI 요구사항에 맞춰 수정

* Refactor: AI 요구사항에 맞도록 수정

* Test: 테스트 코드 수정

* Refactor: 회원 상세정보 필드 추가

* Refactor: 테스트 환경 간 모든 요청 허용

* Feat: 에러 발생 시 CORS 설정 추가

* Refactor: 회원 상세 정보 입력 로직 수정

* Refactor: CORS 설정 추가

Author: pjh5365

src/main/java/workplate/workplateserver/config/CorsConfig.java

@@ -0,0 +1,32 @@
+package workplate.workplateserver.config;
+
+import java.util.List;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+/**
+ * CORS 설정
+ *
+ * @author : parkjihyeok
+ * @since : 2024/11/19
+ */
+@Configuration
+public class CorsConfig {
+
+	@Bean
+	public CorsConfigurationSource corsConfigurationSource() {
+		CorsConfiguration configuration = new CorsConfiguration();
+		configuration.setAllowedOriginPatterns(List.of("*")); // 모든 도메인 허용
+		configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+		configuration.setAllowedHeaders(List.of("*")); // 모든 헤더 허용
+		configuration.setAllowCredentials(true); // 자격 증명 허용
+
+		UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+		source.registerCorsConfiguration("/**", configuration);
+		return source;
+	}
+}

src/main/java/workplate/workplateserver/config/SecurityConfig.java

@@ -1,16 +1,15 @@
 package workplate.workplateserver.config;
 
-import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfigurationSource;
 
 import lombok.RequiredArgsConstructor;
 import workplate.workplateserver.auth.domain.filter.LoginFilter;
@@ -31,6 +30,7 @@ public class SecurityConfig {
 	private final AuthenticationConfiguration authenticationConfiguration;
 	private final LoginSuccessHandler loginSuccessHandler;
 	private final JwtFilter jwtFilter;
+	private final CorsConfigurationSource corsConfigurationSource;
 
 	@Bean
 	public LoginFilter loginFilter() throws Exception {
@@ -50,7 +50,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 				);
 		http
 				.csrf(AbstractHttpConfigurer::disable)
-				.cors(AbstractHttpConfigurer::disable)
+				.cors(cors -> cors.configurationSource(corsConfigurationSource))
 				.formLogin(AbstractHttpConfigurer::disable)
 				.httpBasic(AbstractHttpConfigurer::disable)
 				.addFilterAt(loginFilter(), UsernamePasswordAuthenticationFilter.class) // 로그인 필터 변경