From cd3a9f158c742a45abed2ef043468b0b0890f30b Mon Sep 17 00:00:00 2001
From: Junghoon Kim <jafarock@naver.com>
Date: Thu, 23 Jan 2025 19:37:14 +0900
Subject: [PATCH] :pencil: made our session management to be stateless

---
 src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt b/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt
index 928db17..48aed6e 100644
--- a/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt
+++ b/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt
@@ -9,6 +9,7 @@ import org.springframework.context.annotation.Configuration
 import org.springframework.http.HttpStatus
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.config.http.SessionCreationPolicy
 import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.authentication.HttpStatusEntryPoint
@@ -44,6 +45,9 @@ class SecurityConfig(
             .exceptionHandling { exceptionHandling ->
                 exceptionHandling.authenticationEntryPoint(HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))
             }
+            .sessionManagement { sessionManagement ->
+                sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+            }
             .oauth2Login { oauth2login ->
                 oauth2login
                     .userInfoEndpoint { userInfo ->