From 2155daec709cf7d0a7ed4dd6bb88686b0baa2152 Mon Sep 17 00:00:00 2001
From: Jaeyoung Lim <limjyjustin@gmail.com>
Date: Tue, 19 Nov 2024 21:30:27 +0900
Subject: [PATCH] =?UTF-8?q?!HOTFIX:=20API=20=EC=97=B0=EB=8F=99=20=EB=B2=84?=
 =?UTF-8?q?=EA=B7=B8=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

원인 : 경로 매핑을 잘못하였음
추가적으로 테스트를 위해 H2 의존성 모두 열어두고 스프링 시큐리티 걸리지 않게 설정
---
 .../java/org/meme/auth/config/SecurityConfig.java | 15 +++++++++------
 .../org/meme/auth/controller/AuthController.java  |  4 +++-
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/MEME-AUTH/src/main/java/org/meme/auth/config/SecurityConfig.java b/MEME-AUTH/src/main/java/org/meme/auth/config/SecurityConfig.java
index e35cdcf..8df0c3b 100644
--- a/MEME-AUTH/src/main/java/org/meme/auth/config/SecurityConfig.java
+++ b/MEME-AUTH/src/main/java/org/meme/auth/config/SecurityConfig.java
@@ -1,10 +1,11 @@
 package org.meme.auth.config;
 
 import lombok.RequiredArgsConstructor;
-import org.meme.auth.service.PrincipalDetailsService;
 import org.meme.auth.jwt.JwtAccessDeniedHandler;
 import org.meme.auth.jwt.JwtAuthenticationEntryPoint;
 import org.meme.auth.jwt.JwtCustomAuthenticationFilter;
+import org.meme.auth.service.PrincipalDetailsService;
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -12,13 +13,13 @@
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 
-
-import static org.springframework.security.config.http.SessionCreationPolicy.*;
+import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
 
 @RequiredArgsConstructor
 @EnableWebSecurity
@@ -44,18 +45,20 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                                 .authenticationEntryPoint(authenticationEntryPoint)  // 401
                                 .accessDeniedHandler(accessDeniedHandler)  // 403
                 )
+                .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin))  // H2 데이터베이스 웹 콘솔 허용
                 .authorizeHttpRequests((authorizeHttpRequests) ->
                         authorizeHttpRequests
                                 .requestMatchers("/api/v1/signup/model").permitAll()
                                 .requestMatchers("/api/v1/signup/artist").permitAll()
                                 .requestMatchers("/api/v1/reissue").permitAll()
                                 .requestMatchers("/api/v1/check/*").permitAll()
-
                                 .requestMatchers("/api/v1/auth/artist/extra").permitAll()
                                 .requestMatchers("/api/v1/auth/logout").permitAll()
                                 .requestMatchers("/api/v1/auth/withdraw").permitAll()
-                                .requestMatchers("/api/v2/**").permitAll()
                                 .requestMatchers("/auth/**").permitAll()
+
+                                .requestMatchers("/api/v2/**").permitAll()  // API version update
+                                .requestMatchers(PathRequest.toH2Console()).permitAll()  // H2 데이터베이스 경로 허용
                 );
 
 
diff --git a/MEME-AUTH/src/main/java/org/meme/auth/controller/AuthController.java b/MEME-AUTH/src/main/java/org/meme/auth/controller/AuthController.java
index ae8bb28..cc1e9ed 100644
--- a/MEME-AUTH/src/main/java/org/meme/auth/controller/AuthController.java
+++ b/MEME-AUTH/src/main/java/org/meme/auth/controller/AuthController.java
@@ -12,13 +12,15 @@
 import org.meme.auth.service.AuthService;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import static org.meme.auth.common.BaseResponseDto.SuccessResponse;
 
 @Slf4j(topic = "MEME-AUTH")
 @RequiredArgsConstructor
-@RestController("/api/v2")
+@RequestMapping("/api/v2")
+@RestController
 public class AuthController {
 
     private final AuthService authService;