Merge pull request #54 from Project-aniwhere/hotfix-social-login

hotfix-social-login PR
Project-aniwhere · Dec 28, 2024 · b36d0b6 · b36d0b6
2 parents b13bf74 + d4999d6
commit b36d0b6
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 13 deletions.
diff --git a/src/main/java/com/example/aniwhere/application/config/WebConfig.java b/src/main/java/com/example/aniwhere/application/config/WebConfig.java
@@ -1,31 +1,33 @@
 package com.example.aniwhere.application.config;
 
 import com.example.aniwhere.application.auth.resolver.LoginUserArgumentResolver;
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 import java.util.List;
 
+import static org.springframework.http.HttpHeaders.LOCATION;
+import static org.springframework.http.HttpHeaders.SET_COOKIE;
+
 @Configuration
+@RequiredArgsConstructor
 public class WebConfig implements WebMvcConfigurer {
 
 	private final LoginUserArgumentResolver loginUserArgumentResolver;
-	private final long MAX_AGE_SECS = 3600;
-
-	public WebConfig(LoginUserArgumentResolver loginUserArgumentResolver) {
-		this.loginUserArgumentResolver = loginUserArgumentResolver;
-	}
+	private final static long MAX_AGE_SECS = 3600;
+	private final static String FRONT_END_LOCAL = "http://localhost:3000";
 
 	@Override
 	public void addCorsMappings(CorsRegistry registry) {
 		registry
-				.addMapping("/**")
-				.allowedMethods("GET","POST","PUT","PATCH","DELETE","OPTIONS")
-				.allowedHeaders("*")
-				.allowedOrigins("http://localhost:3000")
+				.addMapping("/api**")
+				.allowedMethods("GET","POST","PUT","PATCH","DELETE","OPTIONS","TRACE")
+				.allowedOrigins(FRONT_END_LOCAL)
 				.allowCredentials(true)
+				.exposedHeaders(SET_COOKIE, LOCATION)
 				.maxAge(MAX_AGE_SECS);
 	}
 

diff --git a/src/main/java/com/example/aniwhere/application/config/cookie/CookieConfig.java b/src/main/java/com/example/aniwhere/application/config/cookie/CookieConfig.java
@@ -24,8 +24,8 @@ public class CookieConfig {
 	public ResponseCookie createAccessTokenCookie(String name, String value) {
 		return ResponseCookie.from(name, value)
 				.httpOnly(true)
-				.secure(false)	// 개발환경에서는 false로 수정
-				.sameSite("none")
+				.secure(true)
+				.sameSite("None")
 				.maxAge(accessTokenExpirationTime / 1000)
 				.path("/")
 				.build();
@@ -34,8 +34,8 @@ public ResponseCookie createAccessTokenCookie(String name, String value) {
 	public ResponseCookie createRefreshTokenCookie(String name, String value) {
 		return ResponseCookie.from(name, value)
 				.httpOnly(true)
-				.secure(false)	// 개발환경에서는 false로 설정
-				.sameSite("none")
+				.secure(true)
+				.sameSite("None")
 				.maxAge(refreshTokenExpirationTime / 1000)
 				.path("/")
 				.build();