From 2aa6800223ebbf5f37883db072a3375551888994 Mon Sep 17 00:00:00 2001
From: toychip
Date: Tue, 13 Feb 2024 04:46:20 +0900
Subject: [PATCH] =?UTF-8?q?docs:=20Security=20=EC=A0=91=EA=B7=BC=20?= =?UTF-8?q?=EB=B3=B4=EC=95=88=20=EC=84=A4=EC=A0=95,=20jwt=20token=20?= =?UTF-8?q?=ED=95=84=EC=9A=94=20(#51)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../java/com/api/ttoklip/global/config/SecurityConfig.java | 5 ++---
 .../ttoklip/global/security/jwt/JwtAuthenticationFilter.java | 4 ++--
 .../com/api/ttoklip/global/security/jwt/JwtProvider.java | 5 ++---
 3 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/src/main/java/com/api/ttoklip/global/config/SecurityConfig.java b/src/main/java/com/api/ttoklip/global/config/SecurityConfig.java
index 47f3500d..6456068c 100644
--- a/src/main/java/com/api/ttoklip/global/config/SecurityConfig.java
+++ b/src/main/java/com/api/ttoklip/global/config/SecurityConfig.java
@@ -38,11 +38,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 "/favicon.ico"
 , "/health"
 , "/swagger-ui/**"
- , "/oauth/**"
- , "/login/**"
+ ,"/api/v1/auth"
 , "/**"
 ).permitAll()
- .anyRequest().permitAll());
+ .anyRequest().authenticated());
 http.exceptionHandling(e -> e.accessDeniedHandler(tokenErrorHandler));
 http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
diff --git a/src/main/java/com/api/ttoklip/global/security/jwt/JwtAuthenticationFilter.java b/src/main/java/com/api/ttoklip/global/security/jwt/JwtAuthenticationFilter.java
index 7bba0c17..18686d14 100644
--- a/src/main/java/com/api/ttoklip/global/security/jwt/JwtAuthenticationFilter.java
+++ b/src/main/java/com/api/ttoklip/global/security/jwt/JwtAuthenticationFilter.java
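Review bot: In SecurityConfig's `filterChain`, the permit-all list still ends with `, "/**"`, which matches every path, so the new `.anyRequest().authenticated()` rule is never reached and every endpoint stays reachable without a token. Drop the `, "/**"` entry so that only the listed public paths bypass authentication. Once it is gone, `"/api/v1/auth"` as written covers that path itself rather than everything beneath it; if the login or token endpoints live below it (not visible here), the entry should be `, "/api/v1/auth/**"`. The method starts and ends outside this hunk, so the matcher call that opens the list is not shown.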
@@ -61,8 +61,8 @@ private boolean isBearer(final String authorizationHeader) {
 private boolean isPublicUri(final String requestURI) {
 return requestURI.startsWith("/swagger-ui/**") ||
- requestURI.startsWith("/api/health") ||
+ requestURI.startsWith("/health") ||
 requestURI.startsWith("/favicon.ico") ||
- requestURI.startsWith("/api/v1/auth/**");
+ requestURI.startsWith("/api/v1/auth");
 }
 }
diff --git a/src/main/java/com/api/ttoklip/global/security/jwt/JwtProvider.java b/src/main/java/com/api/ttoklip/global/security/jwt/JwtProvider.java
index ba1b124c..86c6a75a 100644
--- a/src/main/java/com/api/ttoklip/global/security/jwt/JwtProvider.java
+++ b/src/main/java/com/api/ttoklip/global/security/jwt/JwtProvider.java
@@ -24,8 +24,6 @@
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.stereotype.Component;
 @Component
@@ -33,7 +31,8 @@
 @RequiredArgsConstructor
 public class JwtProvider {
- public static final long ACCESS_TOKEN_VALID_TIME = 15 * 60 * 1000L;
+ // 24시간 ToDo 개발 편의를 위해 늘려놓음 추후 수정
+ public static final long ACCESS_TOKEN_VALID_TIME = 24 * 60 * 60 * 1000L;
 private final MemberService memberService;
 @Value("${jwt.secret.key}")
 private String SECRET_KEY;
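Review bot: `isPublicUri` in JwtAuthenticationFilter tests with `startsWith`, a literal prefix comparison, so the unchanged `"/swagger-ui/**"` entry can never match a real request URI; the commit removes the same glob suffix from the auth entry but leaves this one. The bare prefixes `"/api/v1/auth"` and `"/health"` also match any unrelated path that merely begins with those characters (a constructed example: `/api/v1/authors`), which matters if this method decides which requests skip token processing; the caller is outside the hunk. Tighten the entries to segment boundaries, for example `requestURI.startsWith("/swagger-ui/") ||` and `requestURI.equals("/api/v1/auth") || requestURI.startsWith("/api/v1/auth/");`. Keeping this list and the permit-all list in SecurityConfig in one shared place would stop them drifting apart.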
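Review bot: In JwtProvider, `ACCESS_TOKEN_VALID_TIME` becomes a compile-time 24 hours for every environment, while the comment above it says the increase is only for development convenience; if this value reaches production, a leaked access token stays usable for a full day, and no revocation path is visible in this hunk. Prefer reading the lifetime from configuration in the same way as `jwt.secret.key`, defaulting to the previous 15 minutes, so that only a development profile lengthens it. If the constant has to stay for now, make the marker actionable, e.g. `// TODO(#<issue>): 24h for local development only; restore 15 * 60 * 1000L before release`. The class body continues outside the hunk, so other uses of the constant are not shown.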