backup

Danto7632 · Danto7632 · commit 20bd62e54d96 · 2025-09-10T20:03:24.000+09:00
diff --git a/src/main/java/com/dmu/debug_visual/config/SecurityConfig.java b/src/main/java/com/dmu/debug_visual/config/SecurityConfig.java
@@ -6,7 +6,6 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpMethod; // ✅ 추가
 import org.springframework.http.MediaType;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -20,9 +19,6 @@
 import org.springframework.web.reactive.function.client.WebClient;
 import util.JwtTokenProvider;
 
-// ⚠️ JwtAuthenticationFilter import는 프로젝트 경로에 맞게 유지하세요.
-// import com.dmu.debug_visual.config.JwtAuthenticationFilter; (예시)
-
 import java.util.List;
 
 @Configuration
@@ -39,40 +35,24 @@ public class SecurityConfig {
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
-            // CORS 우선 적용
-            .cors(cors -> cors.configurationSource(corsConfigurationSource()))
-            // REST API라면 CSRF 비활성
-            .csrf(csrf -> csrf.disable())
-            .authorizeHttpRequests(auth -> auth
-                // ✅ 프리플라이트 전역 허용 (중요)
-                .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
-
-                // ✅ 공개 엔드포인트
-                .requestMatchers(
-                    "/api/users/login",
-                    "/api/users/signup",
-                    "/swagger-ui/**",
-                    "/swagger-ui.html",
-                    "/v3/api-docs/**",
-                    "/actuator/health",
-                    "/healthz",
-                    "/public/**"
-                ).permitAll()
-
-                // 역할 기반
-                .requestMatchers("/api/admin/**").hasRole("ADMIN")
-                .requestMatchers("/api/posts/**").hasAnyRole("USER", "ADMIN")
-                .requestMatchers("/api/notifications/**").hasAnyRole("USER", "ADMIN")
-
-                // 나머지는 인증 필요
-                .anyRequest().authenticated()
-            )
-            // JWT 필터 (위치 유지)
-            .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider, userRepository),
-                    UsernamePasswordAuthenticationFilter.class)
-            // 폼/기본 인증 비활성
-            .formLogin(form -> form.disable())
-            .httpBasic(basic -> basic.disable());
+                .cors(cors -> cors.configurationSource(corsConfigurationSource()))
+                .csrf(csrf -> csrf.disable())
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers(
+                                "/api/users/login",
+                                "/api/users/signup",
+                                "/swagger-ui/**",
+                                "/v3/api-docs/**"
+                        ).permitAll()
+                        .requestMatchers("/api/admin/**").hasRole("ADMIN")
+                        .requestMatchers("/api/posts/**").hasAnyRole("USER", "ADMIN")
+                        .requestMatchers("/api/notifications/**").hasAnyRole("USER", "ADMIN")
+                        .anyRequest().authenticated()
+                )
+                .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider, userRepository),
+                        UsernamePasswordAuthenticationFilter.class)
+                .formLogin(form -> form.disable())
+                .httpBasic(basic -> basic.disable());
 
         return http.build();
     }
@@ -82,7 +62,6 @@ public PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
     }
 
-    // 백엔드 → 파이썬 컴파일러 호출용 WebClient
     @Bean
     public WebClient webClient() {
         return WebClient.builder()
@@ -91,22 +70,15 @@ public WebClient webClient() {
                 .build();
     }
 
-    // ✅ CORS: 프록시(Nginx)와 값 일치 — zivorp.com만 허용(+ www, http/https)
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration config = new CorsConfiguration();
-        // AllowedOriginPatterns("*") + Credentials(true)는 브라우저에서 막히기 쉬움.
-        // 명시적으로 허용 도메인만 지정하세요.
-        config.setAllowedOrigins(List.of(
-            "https://zivorp.com",
-            "http://zivorp.com",
-            "https://www.zivorp.com",
-            "http://www.zivorp.com"
-        ));
-        config.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
-        config.setAllowedHeaders(List.of("Authorization", "Content-Type", "X-Requested-With"));
+        config.setAllowedOriginPatterns(List.of("*"));
+        // 또는 특정 도메인만 허용할 경우:
+//        config.setAllowedOrigins(List.of("https://zivorp.com", "http://zivorp.com"));
+        config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+        config.setAllowedHeaders(List.of("*"));
         config.setAllowCredentials(true);
-        config.setMaxAge(3600L);
 
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
         source.registerCorsConfiguration("/**", config);
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -35,5 +35,3 @@ jwt.secret=bnTweUtRuSmcelFon7OFd2Px/ZaVWgEhMpAzyl/+LnEQLG8bKe+F5nA4UJTWwT0iM627y
 jwt.expiration=300000
 
 compiler.python.url=http://flask-server:5050/run
-
-server.forward-headers-strategy=framework
