Skip to content

Commit bb717e3

Browse files
kimeunkyounggkimeunkyoungg
authored
[fix] Websocket 프론트에서 접근시 403 에러 해결
* fix: securityconfig ws endpoint 추가 * feat: websocket interpretor 설정
1 parent 69395a9 commit bb717e3

2 files changed

Lines changed: 21 additions & 0 deletions

File tree

backend/src/main/java/com/back/global/config/SecurityConfig.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,7 @@ SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
5050
.requestMatchers("/api/v1/auth/signup").permitAll()
5151
.requestMatchers("/api/v1/auth/login").permitAll()
5252
.requestMatchers("/api/v1/admin/auth/**").permitAll()
53+
.requestMatchers("/ws/**").permitAll() // WebSocket 핸드셰이크 허용
5354
.requestMatchers("/api/v1/admin/**").hasRole("ADMIN")
5455
.requestMatchers("/actuator/**").permitAll() // 모니터링/Actuator 관련
5556
// .requestMatchers("/api/v1/**").authenticated() // TODO: 개발 후 인증 활성화

backend/src/main/java/com/back/global/config/WebSocketConfig.java

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,25 @@
11
package com.back.global.config;
22

33
import org.springframework.context.annotation.Configuration;
4+
import org.springframework.messaging.simp.config.ChannelRegistration;
45
import org.springframework.messaging.simp.config.MessageBrokerRegistry;
56
import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
67
import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
78
import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;
89

10+
import com.back.global.properties.SiteProperties;
11+
import com.back.global.websocket.auth.WebSocketAuthInterceptor;
12+
13+
import lombok.RequiredArgsConstructor;
14+
915
@Configuration
1016
@EnableWebSocketMessageBroker
17+
@RequiredArgsConstructor
1118
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
1219

20+
private final WebSocketAuthInterceptor webSocketAuthInterceptor;
21+
private final SiteProperties siteProperties;
22+
1323
@Override
1424
public void configureMessageBroker(MessageBrokerRegistry registry) {
1525

@@ -18,6 +28,9 @@ public void configureMessageBroker(MessageBrokerRegistry registry) {
1828

1929
//클라이언트 발행 경로
2030
registry.setApplicationDestinationPrefixes("/app");
31+
32+
// 특정 유저에게 메시지 보낼 때 사용할 prefix
33+
registry.setUserDestinationPrefix("/user");
2134
}
2235

2336
@Override
@@ -26,6 +39,13 @@ public void registerStompEndpoints(StompEndpointRegistry registry) {
2639
//Websocket/stomp 연결 endpoint
2740
registry.addEndpoint("/ws")
2841
.setAllowedOriginPatterns("*")
42+
// .setAllowedOrigins(siteProperties.getFrontUrl()) 프론트 배포 후 변경
2943
.withSockJS();
3044
}
45+
46+
@Override
47+
public void configureClientInboundChannel(ChannelRegistration registration) {
48+
registration.interceptors(webSocketAuthInterceptor);
49+
}
50+
3151
}

0 commit comments

Comments
 (0)