[#3] chore: Security Filter Chain 변경

Gongjakso · Jan 25, 2024 · f4ef4e0 · f4ef4e0
1 parent d6273ae
commit f4ef4e0
Showing 1 changed file with 3 additions and 4 deletions.
diff --git a/src/main/java/com/gongjakso/server/global/config/SecurityConfig.java b/src/main/java/com/gongjakso/server/global/config/SecurityConfig.java
@@ -3,7 +3,6 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -45,12 +44,12 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         // 요청 URI별 권한 설정
         http.authorizeHttpRequests((authorize) ->
                 // Swagger UI 외부 접속 허용
-                authorize.requestMatchers( "/api-docs/**", "/swagger-ui/**").permitAll()
+                authorize.requestMatchers( "/api-docs/**", "/swagger-ui/**", "/swagger-ui.html").permitAll()
                         // 로그인 로직 접속 허용
-                        .requestMatchers(HttpMethod.POST, "/api/v1/auth/").permitAll()
+                        .requestMatchers("/api/v1/auth/**").permitAll()
                         // 메인 페이지, 공고 페이지 등에 한해 인증 정보 없이 접근 가능 (추후 추가)
                         // 이외의 모든 요청은 인증 정보 필요
-                        .anyRequest().authenticated());
+                        .anyRequest().permitAll());
 
         return http.build();
     }