first

2026-03-20 07:43:33 +09:00 · 2025-07-02 21:55:07 +09:00
commit fa63330e69
855 changed files with 432271 additions and 0 deletions
--- a/src/main/java/com/kospo/talk/config/security/SecurityConfig.java
+++ b/src/main/java/com/kospo/talk/config/security/SecurityConfig.java
@@ -0,0 +1,110 @@
+package com.kospo.talk.config.security;
+
+import com.kospo.talk.config.filter.AuthenticationFilter;
+import com.kospo.talk.config.filter.CustomBasicAuthenticationFilter;
+import com.kospo.talk.config.filter.SecurityExceptionFilter;
+import com.kospo.talk.repository.UserRepository;
+import com.kospo.talk.service.UserService;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.session.SessionRegistry;
+import org.springframework.security.core.session.SessionRegistryImpl;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.access.ExceptionTranslationFilter;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
+import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+
+import java.util.Arrays;
+
+@Configuration
+@RequiredArgsConstructor
+public class SecurityConfig {
+    private final UserService userService;
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http,
+                                                   UserRepository userRepository) throws Exception {
+        http
+        .authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> authorizationManagerRequestMatcherRegistry
+            .requestMatchers("/admin*").hasRole("ADMIN")
+            .anyRequest().authenticated()
+        )
+        .csrf(AbstractHttpConfigurer::disable)
+        .formLogin(httpSecurityFormLoginConfigurer -> httpSecurityFormLoginConfigurer.disable())
+        .addFilterBefore(new CustomBasicAuthenticationFilter(authenticationManager(), userRepository), UsernamePasswordAuthenticationFilter.class)
+        .addFilterBefore(new SecurityExceptionFilter(), CustomBasicAuthenticationFilter.class)
+        .sessionManagement(httpSecuritySessionManagementConfigurer ->
+                httpSecuritySessionManagementConfigurer
+                        .maximumSessions(1)
+                        .sessionRegistry(sessionRegistry())
+        )
+        .cors(httpSecurityCorsConfigurer -> httpSecurityCorsConfigurer.configurationSource(new CorsConfigurationSource() {
+            @Override
+            public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
+                CorsConfiguration config = new CorsConfiguration();
+                String origin = request.getHeader("Origin");
+                config.setAllowCredentials(true);
+                config.setAllowedOrigins(Arrays.asList("http://kisp.kospo.co.kr:8010", "http://localhost:8010"));
+                config.setAllowedMethods(Arrays.asList("POST","GET","DELETE","PUT","OPTIONS"));
+                config.setAllowedHeaders(Arrays.asList("*"));
+                return config;
+            }
+        }));
+        return http.build();
+    }
+
+    private String getEncoding (String str) {
+        BCryptPasswordEncoder b = new BCryptPasswordEncoder();
+        return b.encode(str);
+    }
+
+    @Bean
+    public SessionRegistry sessionRegistry() {
+        return new SessionRegistryImpl();
+    }
+
+
+    @Bean
+    public AuthenticationManager authenticationManager() {
+        AuthenticationManager manager = new AuthenticationManager() {
+            @Override
+            public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+                return authentication;
+            }
+        };
+        return manager;
+    }
+
+
+    /*특정 url 필터 제외 처리*/
+    @Bean
+    public WebSecurityCustomizer webSecurityCustomizer() {
+        return (web) -> web.ignoring().requestMatchers(
+            "/manifest.json", "/css/**", "/images/**", "/js/**", "/pages/**"
+            // -- Swagger UI v2
+            , "/v2/api-docs/**", "/swagger-resources/**", "/v3/api-docs/**"
+            , "/swagger-ui/**", "/webjars/**", "/swagger/**", "/api-docs/**"
+        );
+    }
+
+
+    @Bean
+    public SessionAuthenticationStrategy sessionAuthenticationStrategy() {
+        return new RegisterSessionAuthenticationStrategy(sessionRegistry());
+    }
+}
+