11package store .lastdance .config ;
22
3- import lombok .extern .slf4j .Slf4j ;
4-
53
64import lombok .RequiredArgsConstructor ;
75import org .springframework .context .annotation .Bean ;
2119import store .lastdance .security .oauth .OAuth2LoginSuccessHandler ;
2220import store .lastdance .util .CookieUtils ;
2321
24- @ Slf4j
2522@ Configuration
2623@ RequiredArgsConstructor
2724public class SecurityConfig {
@@ -57,7 +54,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
5754 // Actuator 경로 허용 (필요시)
5855 .requestMatchers ("/actuator/**" ).permitAll ()
5956 // 기타 공개 경로들
60- .requestMatchers ("/error" ).permitAll ()
57+ .requestMatchers ("/error" , "/favicon.ico" ).permitAll ()
58+ .requestMatchers ("/api/v1/notifications/stream" ).permitAll ()
6159 // /api/v1/expenses/analyze 요청은 인증이 필요함 AOP 프록시
6260 .requestMatchers ("/api/v1/expenses/analyze" ).authenticated ()
6361 // 나머지 요청은 인증 필요
@@ -70,23 +68,10 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
7068 // API 요청에 대해서는 401 응답 (로그인 페이지로 리다이렉트 안함)
7169 .exceptionHandling (exceptions -> exceptions
7270 .authenticationEntryPoint ((request , response , authException ) -> {
73- if (response .isCommitted ()) {
74- log .debug ("Response already committed, cannot send 401 Unauthorized for AuthenticationException." );
75- return ;
76- }
7771 response .setStatus (HttpStatus .UNAUTHORIZED .value ());
7872 response .setContentType ("application/json;charset=UTF-8" );
7973 response .getWriter ().write ("{\" error\" :\" Unauthorized\" ,\" message\" :\" 인증이 필요합니다.\" }" );
8074 })
81- .accessDeniedHandler ((request , response , accessDeniedException ) -> {
82- if (response .isCommitted ()) {
83- log .debug ("Response already committed, cannot send 403 Forbidden for AccessDeniedException." );
84- return ;
85- }
86- response .setStatus (HttpStatus .FORBIDDEN .value ());
87- response .setContentType ("application/json;charset=UTF-8" );
88- response .getWriter ().write ("{\" error\" :\" Forbidden\" ,\" message\" :\" 접근 권한이 없습니다.\" }" );
89- })
9075 )
9176 .addFilterBefore (new JwtAuthenticationFilter (cookieUtils , authenticationProcessor ),
9277 UsernamePasswordAuthenticationFilter .class );
0 commit comments