Merge pull request #34 from Leets-Official/33-bug-cors

33 bug cors
Leets-Official · Jul 30, 2024 · 403e2c1 · 403e2c1
2 parents 64cb330 + edbb5cb
commit 403e2c1
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 10 deletions.
diff --git a/appspec.yml b/appspec.yml
@@ -12,4 +12,4 @@ hooks:
   AfterInstall:
     - location: scripts/after-deploy.sh
       timeout: 60
-      runas: ubuntu
+      runas: root
diff --git a/scripts/after-deploy.sh b/scripts/after-deploy.sh
@@ -18,7 +18,5 @@ else
   sleep 5
 fi
 
-source ~/.bashrc
-
 echo "> Deploy - $JAR_PATH "
-nohup java -jar $JAR_PATH > commitato.log 2>&1 &
+nohup java -jar $JAR_PATH > commitato.log 2>&1 &
diff --git a/src/main/java/com/leets/commitatobe/global/config/SecurityConfig.java b/src/main/java/com/leets/commitatobe/global/config/SecurityConfig.java
@@ -42,15 +42,15 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 )
                 .csrf(AbstractHttpConfigurer::disable)
                 .formLogin((formLogin) -> formLogin
-                    .loginPage("/login/github"))
+                        .loginPage("/login/github"))
                 .authorizeHttpRequests((authorize) ->
                         authorize
-                            .requestMatchers("/", "/v3/api-docs/**", "/swagger-ui/**",
-                                    "/login/**", "/auth/**", "/h2-console/**", "/error/**").permitAll()
-                            .anyRequest().authenticated()
+                                .requestMatchers("/", "/v3/api-docs/**", "/swagger-ui/**",
+                                        "/login/**", "/auth/**", "/h2-console/**", "/error/**").permitAll()
+                                .anyRequest().authenticated()
                 )
                 .headers(headers -> headers
-                    .frameOptions(frameOptions -> frameOptions.disable()) // H2 콘솔 프레임 옵션 설정
+                        .frameOptions(frameOptions -> frameOptions.disable()) // H2 콘솔 프레임 옵션 설정
                 )
                 .addFilterBefore(new JwtAuthenticationFilter(jwtProvider), UsernamePasswordAuthenticationFilter.class);
         return http.build();
@@ -59,7 +59,13 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     @Bean
     CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(Arrays.asList("http://localhost:8080", "http://localhost:3000", "http://localhost:5173", DOMAIN_URI));
+        configuration.setAllowedOrigins(Arrays.asList(
+                "http://localhost:8080",
+                "http://localhost:3000",
+                "http://localhost:5173",
+                "https://api.github.com",
+                "https://github.com",
+                DOMAIN_URI));
         configuration.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
         configuration.setAllowCredentials(true);
         configuration.setAllowedHeaders(List.of("*"));