add :: filterConfig

MEOGO-DSM · Sep 3, 2024 · 2260584 · 2260584
1 parent 30f8fce
commit 2260584
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/src/main/kotlin/org/meogo/global/config/FilterConfig.kt b/src/main/kotlin/org/meogo/global/config/FilterConfig.kt
@@ -0,0 +1,23 @@
+package org.meogo.global.config
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import org.meogo.global.error.GlobalExceptionFilter
+import org.meogo.global.jwt.JwtTokenFilter
+import org.meogo.global.jwt.JwtTokenProvider
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.annotation.SecurityConfigurerAdapter
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.web.DefaultSecurityFilterChain
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
+
+@Configuration
+class FilterConfig(
+    private val objectMapper: ObjectMapper,
+    private val jwtTokenProvider: JwtTokenProvider
+) : SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity>() {
+
+    override fun configure(builder: HttpSecurity) {
+        builder.addFilterBefore(JwtTokenFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter::class.java)
+        builder.addFilterBefore(GlobalExceptionFilter(objectMapper), JwtTokenFilter::class.java)
+    }
+}
diff --git a/src/main/kotlin/org/meogo/global/config/SecurityConfig.kt b/src/main/kotlin/org/meogo/global/config/SecurityConfig.kt
@@ -1,5 +1,7 @@
 package org.meogo.global.config
 
+import com.fasterxml.jackson.databind.ObjectMapper
+import org.meogo.global.jwt.JwtTokenProvider
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.http.HttpStatus
@@ -10,10 +12,14 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.authentication.HttpStatusEntryPoint
 import org.springframework.web.cors.CorsUtils
+import javax.servlet.FilterConfig
 
 @Configuration
 @EnableWebSecurity
-class SecurityConfig {
+class SecurityConfig(
+    private val objectMapper: ObjectMapper,
+    private val jwtTokenProvider: JwtTokenProvider
+) {
 
     @Bean
     protected fun filterChain(http: HttpSecurity): SecurityFilterChain {
@@ -33,6 +39,9 @@ class SecurityConfig {
             .exceptionHandling()
             .authenticationEntryPoint(HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))
 
+        http
+            .apply(FilterConfig(objectMapper, jwtTokenProvider))
+
         return http.build()
     }