Nexters · pythonstrup · Feb 6, 2025 · Feb 6, 2025 · Feb 6, 2025 · Feb 6, 2025
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -31,6 +31,7 @@ services:
       KAKAO_LOGIN_CLIENT_ID: ${KAKAO_LOGIN_CLIENT_ID}
       KAKAO_LOGIN_CLIENT_SECRET: ${KAKAO_LOGIN_CLIENT_SECRET}
       SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE}
+      TZ: Asia/Seoul
     volumes:
       - /var/log/jaknaeso:/var/log/jaknaeso
     depends_on:

diff --git a/jaknaeso-server/src/main/java/org/nexters/jaknaesoserver/config/CorsConfig.java b/jaknaeso-server/src/main/java/org/nexters/jaknaesoserver/config/CorsConfig.java
@@ -0,0 +1,32 @@
+package org.nexters.jaknaesoserver.config;
+
+import java.util.List;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+@Configuration
+public class CorsConfig {
+
+  private static final String LOCAL_URL = "http://localhost:3000";
+  private static final String JAKNAESO_WEB_VERCEL_APP = "https://jaknaeso-web.vercel.app";
+
+  @Value("${cors.origins.api-doc}")
+  private String API_DOC_HOST;
+
+  @Bean
+  public CorsConfigurationSource corsConfigurationSource() {
+
+    final CorsConfiguration corsConfiguration = new CorsConfiguration();
+    corsConfiguration.setAllowedOrigins(List.of(API_DOC_HOST, LOCAL_URL, JAKNAESO_WEB_VERCEL_APP));
+    corsConfiguration.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE"));
+    corsConfiguration.addAllowedHeader("*");
+
+    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+    source.registerCorsConfiguration("/**", corsConfiguration);
+    return source;
+  }
+}
diff --git a/jaknaeso-server/src/main/java/org/nexters/jaknaesoserver/config/SecurityConfig.java b/jaknaeso-server/src/main/java/org/nexters/jaknaesoserver/config/SecurityConfig.java
@@ -12,6 +12,7 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfigurationSource;
 
 @RequiredArgsConstructor
 @EnableWebSecurity
@@ -20,6 +21,7 @@ public class SecurityConfig {
 
   private final SecurityExceptionHandler securityExceptionHandler;
   private final JwtAuthFilter jwtAuthFilter;
+  private final CorsConfigurationSource corsConfigurationSource;
 
   @Bean
   public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
@@ -32,6 +34,7 @@ public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Excepti
                     .permitAll()
                     .anyRequest()
                     .authenticated())
+        .cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource))
-        .cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource))
+        .cors(withDefaults())
-        .cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource))
+        .cors(withDefaults())
         .formLogin(AbstractHttpConfigurer::disable)
         .logout(AbstractHttpConfigurer::disable)
         .httpBasic(AbstractHttpConfigurer::disable)

diff --git a/jaknaeso-server/src/main/java/org/nexters/jaknaesoserver/config/WebMvcConfig.java b/jaknaeso-server/src/main/java/org/nexters/jaknaesoserver/config/WebMvcConfig.java