package com.dog.dognation.config; import com.dog.dognation.auth.web.AdminInterceptor; import com.dog.dognation.auth.web.AuthInterceptor; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; /** * 웹 계층 설정 — CORS 허용 + 인증/인가 인터셉터 등록. * 소셜 로그인 엔드포인트(/api/auth/google, /apple, /google-client-id)는 비보호. */ @Configuration public class WebConfig implements WebMvcConfigurer { private final AuthInterceptor authInterceptor; private final AdminInterceptor adminInterceptor; public WebConfig(AuthInterceptor authInterceptor, AdminInterceptor adminInterceptor) { this.authInterceptor = authInterceptor; this.adminInterceptor = adminInterceptor; } /** 프론트엔드(Vite dev / Capacitor 웹뷰)에서의 크로스 오리진 호출 허용. */ @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/api/**") .allowedOrigins( "http://localhost:9000", // Vite dev server "http://localhost", // Capacitor(Android) "capacitor://localhost", // Capacitor(iOS) "ionic://localhost" ) .allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS") .allowedHeaders("*"); } @Override public void addInterceptors(InterceptorRegistry registry) { // 인증: 로그인 필요한 경로 (관리자 경로 포함 — SessionUser 세팅용으로 먼저 실행) registry.addInterceptor(authInterceptor) .addPathPatterns("/api/auth/me", "/api/auth/logout", "/api/admin/**"); // 인가: 관리자 전용 (authInterceptor 다음에 실행되어 role 검사) registry.addInterceptor(adminInterceptor) .addPathPatterns("/api/admin/**"); } }