From aed79a7f966b3812a594fbec94c98871bec02e38 Mon Sep 17 00:00:00 2001
From: yuhalog <youha0930@gmail.com>
Date: Wed, 18 Jun 2025 15:13:48 +0900
Subject: [PATCH] refactor: Spring security config

---
 .../com/won/smarketing/common/config/SecurityConfig.java | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/smarketing-java/common/src/main/java/com/won/smarketing/common/config/SecurityConfig.java b/smarketing-java/common/src/main/java/com/won/smarketing/common/config/SecurityConfig.java
index b5179bb..dcc1f20 100644
--- a/smarketing-java/common/src/main/java/com/won/smarketing/common/config/SecurityConfig.java
+++ b/smarketing-java/common/src/main/java/com/won/smarketing/common/config/SecurityConfig.java
@@ -43,10 +43,13 @@ public class SecurityConfig {
             .cors(cors -> cors.configurationSource(corsConfigurationSource()))
             .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
             .authorizeHttpRequests(auth -> auth
-                    .anyRequest().permitAll()
+                .requestMatchers("/api/auth/**", "/api/member/register", "/api/member/check-duplicate/**",
+                               "/api/member/validate-password", "/swagger-ui/**", "/v3/api-docs/**",
+                               "/swagger-resources/**", "/webjars/**", "/actuator/**", "/health/**", "/error"
+                ).permitAll()
+                .anyRequest().authenticated()
             )
-//            .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
-        ;
+            .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
 
         return http.build();
     }