feat:: Swagger 보안 설정

- 제3자가 Swagger에 접근하면 모든 API가 다 공개되어버리는 보안 문제 발생하기 때문에 expressBasicAuth 적용
DevKor-github · Jul 25, 2024 · 97733af · 97733af
1 parent dc190ca
commit 97733af
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 0 deletions.
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
@@ -56,6 +56,8 @@ jobs:
           echo "AWS_BUCKET_NAME=${{ secrets.AWS_BUCKET_NAME }}" >> .env.prod
           echo "DEEPL_API_KEY=${{ secrets.DEEPL_API_KEY }}" >> .env.prod
           echo "PORT=${{ secrets.PORT }}" >> .env.prod
+          echo "SWAGGER_USER=${{ secrets.SWAGGER_USER }}" >> .env.prod
+          echo "SWAGGER_PASSWORD=${{ secrets.SWAGGER_PASSWORD }}" >> .env.prod
 
           cat .env.prod
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -41,6 +41,7 @@
     "class-validator": "^0.14.1",
     "cross-env": "^7.0.3",
     "deepl-node": "^1.13.0",
+    "express-basic-auth": "^1.2.1",
     "multer": "^1.4.5-lts.1",
     "multer-s3": "^3.0.1",
     "mysql2": "^3.9.3",

diff --git a/src/main.ts b/src/main.ts
@@ -2,6 +2,7 @@ import { ValidationPipe } from '@nestjs/common';
 import { NestFactory } from '@nestjs/core';
 import { AppModule } from './app.module';
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
+import * as expressBasicAuth from 'express-basic-auth';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
@@ -12,6 +13,16 @@ async function bootstrap() {
     methods: 'GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS',
   });
 
+  app.use(
+    ['/api'],
+    expressBasicAuth({
+      challenge: true,
+      users: {
+        [process.env.SWAGGER_USER]: process.env.SWAGGER_PASSWORD,
+      },
+    }),
+  );
+
   app.useGlobalPipes(
     new ValidationPipe({
       transform: true,