Merge pull request #61 from devocean-finut/dev/level_test

#60 Fix formLogin : formLogin 비활성화

src/main/java/com/finut/finut_server/config/SecurityConfig.java

@@ -1,6 +1,5 @@
 package com.finut.finut_server.config;
 
-
 import com.finut.finut_server.apiPayload.exception.handler.CustomOAuth2AuthenticationSuccessHandler;
 import com.finut.finut_server.config.auth.CustomOAuth2UserService;
 import com.finut.finut_server.domain.user.UsersRepository;
@@ -10,13 +9,9 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
@@ -43,28 +38,11 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http, CustomOAuth2Us
                                 )
                                 .defaultSuccessUrl("/success", true)
                 )
-                .formLogin(formLogin ->
-                        formLogin
-                                .defaultSuccessUrl("/success", true)
-                )
-                .logout(logout ->
-                        logout
-                                .logoutSuccessUrl("/") // 임시
-                )
                 .csrf(AbstractHttpConfigurer::disable) // post 요청을 위한 csrf disable
                 .cors(cors -> cors.configurationSource(corsConfigurationSource()))
                 .headers(headers -> headers.frameOptions(frameOptions -> frameOptions.sameOrigin()));
-        return http.build();
-    }
 
-    @Bean
-    public UserDetailsService userDetailsService() {
-        UserDetails user = User.withDefaultPasswordEncoder()
-                .username("user")
-                .password("password")
-                .roles("USER")
-                .build();
-        return new InMemoryUserDetailsManager(user);
+        return http.build();
     }
 
     @Bean
@@ -83,7 +61,7 @@ public CustomOAuth2UserService customOAuth2UserService(UsersRepository userRepos
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
         configuration.setAllowedOrigins(Arrays.asList("http://localhost:3000")); // 프론트엔드 도메인
-        configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD")); // 허용할 HTTP 메서드
+        configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "HEAD")); // 허용할 HTTP 메서드
         configuration.setAllowedHeaders(Arrays.asList("Authorization", "Content-Type")); // 허용할 헤더
         configuration.setExposedHeaders(Arrays.asList("Authorization")); // 응답에서 노출할 헤더
         configuration.setAllowCredentials(true); // 자격 증명 포함 요청 허용