Fix/346 : 쿠키 Path 설정 #347

Open
wants to merge 5 commits into
base: dev-be
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Empty file.
Binary file not shown.
@@ -0,0 +1,2 @@
#Tue Jan 09 20:51:54 KST 2024
gradle.version=7.3.1
Binary file added server/collusic-be/.gradle/checksums/checksums.lock
Binary file not shown.
Empty file.
Empty file.
Expand Up @@ -7,6 +7,7 @@
import com.collusic.collusicbe.global.util.JWTUtil;
import com.collusic.collusicbe.global.util.ParsingUtil;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
Expand Down Expand Up @@ -38,6 +39,14 @@ public JWTAuthenticationFilter(AuthenticationManager authenticationManager, Toke
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException, ExpiredTokenException {

String requestURI = request.getRequestURI();
String method = request.getMethod();

if (HttpMethod.GET.matches(method) && requestURI.startsWith("/projects")) {
chain.doFilter(request, response);
return;
}

String bearer = request.getHeader(HttpHeaders.AUTHORIZATION);

String refreshToken = CookieUtils.extractRefreshToken(request);
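Review bot: The bypass condition `requestURI.startsWith("/projects")` is broader than the intent appears to be: it also matches sibling paths such as `/projects-admin` and every GET below `/projects/`, and `getRequestURI()` returns the raw, un-normalised path (context path and any `;param` segments included), so it may not agree with how the security configuration matches the same request. Requests taking this branch skip token handling entirely, so whether they are allowed rests on the authorization rules outside this hunk; confirm those permit only the intended public reads. If the base class is a OncePerRequestFilter (the `doFilterInternal` override suggests so), consider moving the exemption into `shouldNotFilter` with the same request matcher the security configuration uses; at minimum tighten the test to `requestURI.equals("/projects") || requestURI.startsWith("/projects/")`. The body of doFilterInternal continues past the end of the hunk.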
Expand Up @@ -31,8 +31,9 @@ public static String extractRefreshToken(HttpServletRequest request) {
public static Cookie setCookieWith(String refreshToken) {
Cookie cookie = new Cookie("refreshToken", refreshToken);
cookie.setMaxAge(REFRESH_TIME);
cookie.setSecure(false); // TODO : HTTPS 적용 시 true로 옵션 변경하기
cookie.setSecure(false);
cookie.setHttpOnly(true);
cookie.setPath("/auth");
return cookie;
}
}
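Review bot: `cookie.setSecure(false)` stays in place while the TODO that tracked switching it to true under HTTPS appears to be dropped, so the refresh-token cookie can still travel over plain HTTP and nothing in the code records that this is temporary. Either drive the flag from configuration or keep the reminder, e.g. `cookie.setSecure(false); // TODO: set to true once HTTPS is enabled`. No SameSite attribute is set in the visible lines either, which matters for a cookie that authorises `/auth/reissue`. With the path now `/auth`, `expireCookie` (not shown in this diff) has to send the same path or the browser will keep the cookie after logout; this is worth confirming.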
Expand Up @@ -87,7 +87,7 @@ public ResponseEntity<ProfileUrlResponseDto> getProfileUrl(@PathVariable String
}

@Operation(summary = "로그아웃", description = "로그인된 회원을 로그아웃 시킨다.")
@GetMapping("/logout")
@GetMapping("/auth/logout")
public ResponseEntity<Void> logout(HttpServletRequest request, HttpServletResponse response) {
tokenService.deleteRefreshToken(CookieUtils.extractRefreshToken(request));
CookieUtils.expireCookie(response, "refreshToken");
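Review bot: Logout remains a GET after the move to `/auth/logout`, although it deletes the stored refresh token and expires the cookie; a state-changing GET can be triggered by a cross-site link, an image load or a prefetch, and the refresh cookie carries no SameSite attribute in this change. Consider `@PostMapping("/auth/logout")` and updating the client accordingly. The visible lines also pass the result of `CookieUtils.extractRefreshToken(request)` straight to `deleteRefreshToken`; if that helper can return null when the cookie is absent (not visible here), a guard is needed. The method body continues outside the hunk.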
Expand Up @@ -17,7 +17,7 @@ public class TokenController {
private final static String BEARER_PREFIX = "Bearer ";

@Operation(summary = "토큰 재발급", description = "refresh token을 통한 access token 재발급")
@PostMapping("/reissue")
@PostMapping("/auth/reissue")
public ResponseEntity<ReissuedTokenDto> reissue(HttpServletResponse response) {
String bearer = response.getHeader("Authorization");
String accessToken = bearer.substring(BEARER_PREFIX.length());
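Review bot: `reissue` takes the bearer value from `response.getHeader("Authorization")` and calls `substring` on it without any check, so a request for which nothing upstream has set that response header fails with a NullPointerException rather than a 401, and a value without the `Bearer ` prefix is sliced blindly. Presumably the JWT filter writes the reissued token onto the response before the controller runs; if so, that coupling deserves a short comment above the line saying where the header comes from. Add a guard such as `if (bearer == null || !bearer.startsWith(BEARER_PREFIX)) { return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); }`. The method body continues outside the hunk.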