f-lab-edu · tilsong · Jul 17, 2023 · Jul 16, 2023 · Jul 17, 2023
diff --git a/src/main/java/com/directors/domain/specialty/Specialty.java b/src/main/java/com/directors/domain/specialty/Specialty.java
@@ -2,6 +2,7 @@
 
 import com.directors.domain.common.BaseEntity;
 import com.directors.domain.user.User;
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import jakarta.persistence.*;
 import lombok.*;
 
@@ -14,6 +15,7 @@ public class Specialty extends BaseEntity {
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;
 
+    @JsonIgnore
     @ManyToOne(fetch = FetchType.LAZY)
     @JoinColumn(name = "user_id", referencedColumnName = "id")
     private User user;

diff --git a/src/main/java/com/directors/infrastructure/config/CorsConfiguration.java b/src/main/java/com/directors/infrastructure/config/CorsConfiguration.java
@@ -0,0 +1,24 @@
+package com.directors.infrastructure.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class CorsConfiguration {
+
+    @Bean
+    public WebMvcConfigurer corsConfigurer() {
+        return new WebMvcConfigurer() {
+            @Override
+            public void addCorsMappings(CorsRegistry registry) {
+                registry.addMapping("/**")
+                        .allowedOrigins("*")
+                        .allowedMethods("GET","POST","PUT","DELETE","OPTIONS")
+                        .allowedHeaders("*");
+            }
+        };
+    }
+}
+
diff --git a/src/main/java/com/directors/infrastructure/config/WebSecurityConfig.java b/src/main/java/com/directors/infrastructure/config/WebSecurityConfig.java
@@ -11,6 +11,7 @@
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.web.cors.CorsUtils;
 
 @RequiredArgsConstructor
 @Configuration
@@ -22,8 +23,9 @@ public class WebSecurityConfig {
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        http.csrf().disable().
+        http.cors().and().csrf().disable().
                 authorizeHttpRequests()
+                .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                 .requestMatchers(
                         new AntPathRequestMatcher("/user/signUp", "POST"),
                         new AntPathRequestMatcher("/user/logIn", "POST"),

diff --git a/src/main/java/com/directors/infrastructure/jpa/user/UserRepositoryAdapter.java b/src/main/java/com/directors/infrastructure/jpa/user/UserRepositoryAdapter.java
@@ -9,6 +9,7 @@
 import com.querydsl.core.types.dsl.Expressions;
 import com.querydsl.core.types.dsl.StringPath;
 import com.querydsl.jpa.impl.JPAQueryFactory;
+import jakarta.persistence.Query;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Repository;
 
@@ -64,9 +65,7 @@ public List<User> findWithSearchConditions(List<Long> regionIds, boolean hasSche
 
         return queryFactory.selectFrom(user)
                 .join(user.specialtyList, specialty).fetchJoin()
-                .where(user.id.in(userIds))
-                .fetch();
-
+                .where(user.id.in(userIds)).fetch();
     }
 
     @Override

diff --git a/src/main/java/com/directors/presentation/common/filter/CorsFilter.java b/src/main/java/com/directors/presentation/common/filter/CorsFilter.java