2026-07-11 08:07:43 +09:00
|
|
|
package com.dog.dognation.config;
|
|
|
|
|
|
2026-07-11 08:07:41 +09:00
|
|
|
import com.dog.dognation.auth.web.AdminInterceptor;
|
|
|
|
|
import com.dog.dognation.auth.web.AuthInterceptor;
|
2026-07-11 08:07:43 +09:00
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
|
|
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
2026-07-11 08:07:41 +09:00
|
|
|
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
2026-07-11 08:07:43 +09:00
|
|
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|
|
|
|
|
2026-07-11 08:07:41 +09:00
|
|
|
/**
|
|
|
|
|
* 웹 계층 설정 — CORS 허용 + 인증/인가 인터셉터 등록.
|
|
|
|
|
* 소셜 로그인 엔드포인트(/api/auth/google, /apple, /google-client-id)는 비보호.
|
|
|
|
|
*/
|
2026-07-11 08:07:43 +09:00
|
|
|
@Configuration
|
|
|
|
|
public class WebConfig implements WebMvcConfigurer {
|
|
|
|
|
|
2026-07-11 08:07:41 +09:00
|
|
|
private final AuthInterceptor authInterceptor;
|
|
|
|
|
private final AdminInterceptor adminInterceptor;
|
|
|
|
|
|
|
|
|
|
public WebConfig(AuthInterceptor authInterceptor, AdminInterceptor adminInterceptor) {
|
|
|
|
|
this.authInterceptor = authInterceptor;
|
|
|
|
|
this.adminInterceptor = adminInterceptor;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** 프론트엔드(Vite dev / Capacitor 웹뷰)에서의 크로스 오리진 호출 허용. */
|
2026-07-11 08:07:43 +09:00
|
|
|
@Override
|
|
|
|
|
public void addCorsMappings(CorsRegistry registry) {
|
|
|
|
|
registry.addMapping("/api/**")
|
|
|
|
|
.allowedOrigins(
|
|
|
|
|
"http://localhost:9000", // Vite dev server
|
|
|
|
|
"http://localhost", // Capacitor(Android)
|
|
|
|
|
"capacitor://localhost", // Capacitor(iOS)
|
|
|
|
|
"ionic://localhost"
|
|
|
|
|
)
|
|
|
|
|
.allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")
|
|
|
|
|
.allowedHeaders("*");
|
|
|
|
|
}
|
2026-07-11 08:07:41 +09:00
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public void addInterceptors(InterceptorRegistry registry) {
|
|
|
|
|
// 인증: 로그인 필요한 경로 (관리자 경로 포함 — SessionUser 세팅용으로 먼저 실행)
|
|
|
|
|
registry.addInterceptor(authInterceptor)
|
|
|
|
|
.addPathPatterns("/api/auth/me", "/api/auth/logout", "/api/admin/**");
|
|
|
|
|
// 인가: 관리자 전용 (authInterceptor 다음에 실행되어 role 검사)
|
|
|
|
|
registry.addInterceptor(adminInterceptor)
|
|
|
|
|
.addPathPatterns("/api/admin/**");
|
|
|
|
|
}
|
2026-07-11 08:07:43 +09:00
|
|
|
}
|