feat : init vue config

add web Security and build update

build.gradle

@@ -2,14 +2,35 @@ plugins {
     id 'org.springframework.boot' version '2.7.3'
     id 'io.spring.dependency-management' version '1.0.13.RELEASE'
     id 'java'
+    id 'com.github.node-gradle.node' version '3.5.0'
 }
 
+println "### project.projectDir: ${project.projectDir}"
+// https://herojoon-dev.tistory.com/25
+node {
+
+
+    npmInstallCommand = "install"
+
+    workDir = file("${project.projectDir}/.gradle/nodejs")
+
+    npmWorkDir = file("${project.projectDir}/.gradle/npm")
+    nodeModulesDir = file("${project.projectDir}/src/frontend")
+
+    nodeProxySettings = ProxySettings.SMART
+}
+
+
+
 group = 'com.io'
 version = '0.0.1-SNAPSHOT'
 sourceCompatibility = '18'
 
 repositories {
     mavenCentral()
+
+    //node gradle
+    gradlePluginPortal()
 }
 
 dependencies {
@@ -42,3 +63,15 @@ dependencies {
 tasks.named('test') {
     useJUnitPlatform()
 }
+
+apply plugin: 'com.github.node-gradle.node'
+
+task deleteVueBuildFiles(type: Delete) {
+    delete "src/main/resources/static/static", "src/main/resources/static/index.html", "${project.projectDir}/src/frontend/node_modules"
+}
+
+task npmBuild(type: NpmTask, dependsOn: ['deleteVueBuildFiles', 'npmInstall']) {
+    args = ["run", "build"]
+}
+
+processResources.dependsOn 'npmBuild'

src/frontend/public/index.html

@@ -1,16 +1,7 @@
 <!DOCTYPE html>
 <html lang="">
-  <head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width,initial-scale=1.0">
-    <link rel="icon" href="<%= BASE_URL %>favicon.ico">
-    <title><%= htmlWebpackPlugin.options.title %></title>
-  </head>
   <body>
-    <noscript>
-      <strong>We're sorry but <%= htmlWebpackPlugin.options.title %> doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
-    </noscript>
+    hello?
     <div id="app"></div>
     <!-- built files will be auto injected -->
   </body>

src/frontend/vue.config.js

@@ -1,8 +1,7 @@
 const { defineConfig } = require('@vue/cli-service')
 module.exports = defineConfig({
   transpileDependencies: true,
-  outputDir: "../src/main/resources/static",
-  indexPath: "../static/index.html",
+  outputDir: "../main/resources/static",
 
   devServer: {
     port: 4000,

src/main/java/com/io/realworld/security/WebConfig.java

@@ -3,6 +3,7 @@ package com.io.realworld.security;
 
 import com.io.realworld.security.jwt.JwtAuthenticationFilter;
 import lombok.RequiredArgsConstructor;
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.boot.test.json.GsonTester;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -12,6 +13,8 @@ import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
@@ -29,12 +32,17 @@ public class WebConfig {
         return new BCryptPasswordEncoder();
     }
 
+    @Bean
+    public WebSecurityCustomizer configure(){
+        return (web) -> web.ignoring().requestMatchers(PathRequest.toStaticResources().atCommonLocations());
+    }
+
     @Bean
     @Order(0)
     public SecurityFilterChain resources(HttpSecurity http) throws Exception {
         http.csrf().disable()
                 .requestMatchers((matchers) -> {matchers.antMatchers("/h2-console/**");
-                matchers.antMatchers(HttpMethod.GET,"/api/articles/**","/");})
+                    matchers.antMatchers(HttpMethod.GET,"/api/articles/**","/");})
                 .authorizeHttpRequests((authorize) -> authorize.anyRequest().permitAll())
                 .requestCache().disable()
                 .securityContext().disable()