From efae5f27772b4477433f88512ccdc3c128aa1826 Mon Sep 17 00:00:00 2001
From: byeolhaha <j35635aa@gmail.com>
Date: Fri, 3 Nov 2023 18:35:06 +0900
Subject: [PATCH] =?UTF-8?q?Feat=20:=20Cors=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../domain/auth/config/SecurityConfig.java       | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/main/java/org/guzzing/studayserver/domain/auth/config/SecurityConfig.java b/src/main/java/org/guzzing/studayserver/domain/auth/config/SecurityConfig.java
index de93755d..7943e817 100644
--- a/src/main/java/org/guzzing/studayserver/domain/auth/config/SecurityConfig.java
+++ b/src/main/java/org/guzzing/studayserver/domain/auth/config/SecurityConfig.java
@@ -12,6 +12,11 @@
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.Arrays;
 import java.util.stream.Stream;
 
 @Configuration
@@ -38,6 +43,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         )
                         .permitAll()
                         .anyRequest().authenticated())
+                .cors(cors -> cors.disable())
                 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .csrf(AbstractHttpConfigurer::disable)
                 .httpBasic(HttpBasicConfigurer::disable)
@@ -47,4 +53,14 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         return http.build();
     }
 
+    @Bean
+    CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration configuration = new CorsConfiguration();
+        configuration.setAllowedOrigins(Arrays.asList("*"));
+        configuration.setAllowedMethods(Arrays.asList("*"));
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", configuration);
+        return source;
+    }
+
 }