File tree Expand file tree Collapse file tree
src/main/java/fitfit/global/security/config Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -10,6 +10,19 @@ server {
1010 ssl_dhparam /etc/letsencrypt/ssl -dhparams.pem;
1111
1212 location / {
13+ if ( $request_method = 'OPTIONS' ) {
14+ # 'http://localhost:3000' 및 'https://fitfit.site' 등을 직접 명시
15+ add_header 'Access-Control-Allow-Origin' 'http://localhost:3000' always;
16+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
17+ add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, *' always;
18+ add_header 'Access-Control-Allow-Credentials' 'true' always;
19+ return 204 ;
20+ }
21+
22+ # 백엔드 응답이 돌아올 때도 CORS 헤더를 재전달/추가
23+ add_header 'Access-Control-Allow-Origin' 'http://localhost:3000' always;
24+ add_header 'Access-Control-Allow-Credentials' 'true' always;
25+
1326 # 요청을 내부 스프링 앱(8080 포트)으로 전달하는 것은 동일합니다.
1427 proxy_pass http ://127.0.0.1:8080 ;
1528 proxy_set_header Host $host ;
Original file line number Diff line number Diff line change 44import lombok .RequiredArgsConstructor ;
55import org .springframework .context .annotation .Bean ;
66import org .springframework .context .annotation .Configuration ;
7+ import org .springframework .http .HttpMethod ;
78import org .springframework .security .config .annotation .method .configuration .EnableMethodSecurity ;
89import org .springframework .security .config .annotation .web .builders .HttpSecurity ;
910import org .springframework .security .config .annotation .web .configuration .EnableWebSecurity ;
@@ -33,6 +34,7 @@ public SecurityFilterChain filterChain (HttpSecurity http) throws Exception {
3334 .sessionManagement (session -> session .sessionCreationPolicy (SessionCreationPolicy .STATELESS ))
3435 .authorizeHttpRequests (auth -> auth
3536 .requestMatchers (
37+ HttpMethod .OPTIONS , "/**" ,
3638 "/swagger-ui.html" ,
3739 "/auth/**" ,
3840 "/swagger-ui/**" ,
You can’t perform that action at this time.
0 commit comments