[CICD] nginx.conf 및 SpringSecurity 수정

Author: simhyunmin

nginx.conf

@@ -11,8 +11,14 @@ server {
 
     location / {
 
-         # 요청을 내부 스프링 앱(8080 포트)으로 전달하는 것은 동일합니다.
+         # 요청을 내부 스프링 앱(8080 포트)으로 전달
          proxy_pass http://127.0.0.1:8080;
+
+         add_header 'Access-Control-Allow-Origin' 'http://localhost:3000' always;
+         add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+         add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, *' always;
+         add_header 'Access-Control-Allow-Credentials' 'true' always;
+
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

src/main/java/fitfit/domain/token/filter/JwtAuthenticationFilter.java

@@ -6,6 +6,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -59,6 +60,10 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
     @Override
     protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
+        if (request.getMethod().equalsIgnoreCase(HttpMethod.OPTIONS.name())) {
+            return true;
+        }
+
         // 더 안정적인 AntPathMatcher.match() 로 수정
         return WHITE_LIST.stream().anyMatch(white -> antPathMatcher.match(white, request.getRequestURI()));
     }