Merge pull request #52 from prgrms-web-devcourse-final-project/QUZ-101-user-bugfix

[QUZ-101][HOTFIX] sockJS 웹소켓 연결 안되는 이슈 수정

Author: HMWG

gateway-service/src/main/kotlin/com/grepp/quizy/config/SecurityConfig.kt

@@ -18,6 +18,10 @@ class SecurityConfig() {
             .csrf { it.disable() }
             .httpBasic { it.disable() }
             .formLogin { it.disable() }
+            .cors { it.disable() }
+            .authorizeExchange {
+                it.anyExchange().permitAll()
+            }
             .build()
     }
 }

gateway-service/src/main/kotlin/com/grepp/quizy/global/AuthGlobalFilter.kt

@@ -132,7 +132,8 @@ class RouteValidator {
         "/api/quiz/feed",
         "/api/quiz/search",
         "/api/user/info/",
-        "/login/oauth2/code"
+        "/login/oauth2/code",
+        "/ws/info"
     )
 
     fun isUnsecured(request: ServerHttpRequest): Boolean {

gateway-service/src/main/resources/application.yml

@@ -13,6 +13,8 @@ spring:
     web-application-type: reactive
   cloud:
     gateway:
+      default-filters:
+        - DedupeResponseHeader=Access-Control-Allow-Credentials Access-Control-Allow-Origin
       globalcors:
         cors-configurations:
           '[/**]':
@@ -27,18 +29,21 @@ spring:
               - PATCH
               - OPTIONS
             allowedHeaders:
-              - "Access-Control-Allow-Headers"
-              - "Access-Control-Allow-Origin"
-              - "Access-Control-Request-Method"
-              - "Access-Control-Request-Headers"
-              - "Origin"
-              - "Cache-Control"
-              - "Content-Type"
-              - "Authorization"
-              - "X-Requested-With"
-              - "credentials"
-              - "If-None-Match"
-              - "Accept"
+              #              - "Access-Control-Allow-Headers"
+              #              - "Access-Control-Allow-Origin"
+              #              - "Access-Control-Request-Method"
+              #              - "Access-Control-Request-Headers"
+              #              - "Origin"
+              #              - "Cache-Control"
+              #              - "Content-Type"
+              #              - "Authorization"
+              #              - "X-Requested-With"
+              #              - "credentials"
+              #              - "If-None-Match"
+              #              - "Accept"
+              #              - "Upgrade"
+              #              - "Connection"
+              - "*"
             allowCredentials: true
 
 ---
@@ -77,15 +82,11 @@ spring:
           uri: http://localhost:8085
           predicates:
             - Path=/login/**
-        - id: websocket
-          uri: ws://localhost:8081
-          predicates:
-            - Path=/ws/**
         - id: sockjs
           uri: http://localhost:8081
           predicates:
             - Path=/ws/**
-            - Query=transport, websocket
+
   data:
     redis:
       host: localhost
@@ -157,15 +158,10 @@ spring:
           uri: http://dev-user-service:8080
           predicates:
             - Path=/login/**
-        - id: websocket
-          uri: ws://dev-game-service:8080
-          predicates:
-            - Path=/ws/**
         - id: sockjs
           uri: http://dev-game-service:8080
           predicates:
             - Path=/ws/**
-            - Query=transport, websocket
 
     kubernetes:
       discovery: