feat: 카카오 로그인 API(/members/login/kakao/oauth) Get -> Post 변경 (#118)

* feat: profile 환경에 따른 cookie 설정 분리 및 config 업데이트 * test: profile에 따른 쿠키 생성 테스트 * feat: Get에서 Post로 변경 * refactor: CookieUtils 변경 * feat: config 변경 * fix: merge confilt 해결 * feat: Cookie secure 추가
team-moabam · Nov 20, 2023 · cf6070f · cf6070f
1 parent 8e62640
commit cf6070f
Show file tree

Hide file tree

Showing 12 changed files with 6,776 additions and 1,692 deletions.
diff --git a/src/main/java/com/moabam/api/application/auth/mapper/PathMapper.java b/src/main/java/com/moabam/api/application/auth/mapper/PathMapper.java
@@ -9,7 +9,6 @@
 import com.moabam.api.domain.member.Role;
 import com.moabam.global.auth.handler.PathResolver;
 
-import jakarta.annotation.Nonnull;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
 
@@ -20,12 +19,12 @@ public static PathResolver.Path parsePath(String uri) {
 		return parsePath(uri, null, null);
 	}
 
-	public static <T> PathResolver.Path parsePath(String uri, @Nonnull List<T> params) {
-		if (!params.isEmpty() && params.get(0) instanceof Role) {
-			return parsePath(uri, (List<Role>)params, null);
-		}
+	public static PathResolver.Path pathWithRole(String uri, List<Role> params) {
+		return parsePath(uri, params, null);
+	}
 
-		return parsePath(uri, null, (List<HttpMethod>)params);
+	public static PathResolver.Path pathWithMethod(String uri, List<HttpMethod> params) {
+		return parsePath(uri, null, params);
 	}
 
 	private static PathResolver.Path parsePath(String uri, List<Role> roles, List<HttpMethod> methods) {

diff --git a/src/main/java/com/moabam/api/presentation/MemberController.java b/src/main/java/com/moabam/api/presentation/MemberController.java
@@ -2,7 +2,8 @@
 
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;
@@ -31,21 +32,21 @@ public void socialLogin(HttpServletResponse httpServletResponse) {
 		authorizationService.redirectToLoginPage(httpServletResponse);
 	}
 
-	@GetMapping("/login/kakao/oauth")
+	@PostMapping("/login/kakao/oauth")
 	@ResponseStatus(HttpStatus.OK)
-	public LoginResponse authorizationTokenIssue(@ModelAttribute AuthorizationCodeResponse authorizationCodeResponse,
+	public LoginResponse authorizationTokenIssue(@RequestBody AuthorizationCodeResponse authorizationCodeResponse,
 		HttpServletResponse httpServletResponse) {
 		AuthorizationTokenResponse tokenResponse = authorizationService.requestToken(authorizationCodeResponse);
-		AuthorizationTokenInfoResponse authorizationTokenInfoResponse =
-			authorizationService.requestTokenInfo(tokenResponse);
+		AuthorizationTokenInfoResponse authorizationTokenInfoResponse = authorizationService.requestTokenInfo(
+			tokenResponse);
 
 		return authorizationService.signUpOrLogin(httpServletResponse, authorizationTokenInfoResponse);
 	}
 
 	@GetMapping("/logout")
 	@ResponseStatus(HttpStatus.OK)
-	public void logout(@CurrentMember AuthorizationMember authorizationMember,
-		HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
+	public void logout(@CurrentMember AuthorizationMember authorizationMember, HttpServletRequest httpServletRequest,
+		HttpServletResponse httpServletResponse) {
 		authorizationService.logout(authorizationMember, httpServletRequest, httpServletResponse);
 	}
 }
diff --git a/src/main/java/com/moabam/global/auth/filter/PathFilter.java b/src/main/java/com/moabam/global/auth/filter/PathFilter.java
@@ -9,6 +9,7 @@
 
 import com.moabam.global.auth.handler.PathResolver;
 
+import io.grpc.netty.shaded.io.netty.handler.codec.http.HttpMethod;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -34,6 +35,14 @@ public void doFilterInternal(HttpServletRequest request, HttpServletResponse res
 			}
 		});
 
+		if (isOption(request.getMethod())) {
+			request.setAttribute("isPermit", true);
+		}
+
 		filterChain.doFilter(request, response);
 	}
+
+	public boolean isOption(String method) {
+		return HttpMethod.OPTIONS.name().equals(method);
+	}
 }
diff --git a/src/main/java/com/moabam/global/common/util/CookieUtils.java b/src/main/java/com/moabam/global/common/util/CookieUtils.java
@@ -0,0 +1,37 @@
+package com.moabam.global.common.util;
+
+import jakarta.servlet.http.Cookie;
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+public class CookieUtils {
+
+	public static Cookie tokenCookie(String name, String value, long expireTime) {
+		Cookie cookie = new Cookie(name, value);
+		cookie.setSecure(true);
+		cookie.setHttpOnly(true);
+		cookie.setPath("/");
+		cookie.setMaxAge((int)expireTime);
+		cookie.setAttribute("SameSite", "Lax");
+
+		return cookie;
+	}
+
+	public static Cookie typeCookie(String value, long expireTime) {
+		Cookie cookie = new Cookie("token_type", value);
+		cookie.setSecure(true);
+		cookie.setHttpOnly(true);
+		cookie.setPath("/");
+		cookie.setMaxAge((int)expireTime);
+		cookie.setAttribute("SameSite", "Lax");
+
+		return cookie;
+	}
+
+	public static Cookie deleteCookie(Cookie cookie) {
+		cookie.setMaxAge(0);
+		cookie.setPath("/");
+		return cookie;
+	}
+}
diff --git a/src/main/java/com/moabam/global/config/WebConfig.java b/src/main/java/com/moabam/global/config/WebConfig.java
@@ -56,8 +56,8 @@ public PathResolver pathResolver() {
 				PathMapper.parsePath("/webjars/*"),
 				PathMapper.parsePath("/favicon/*"),
 				PathMapper.parsePath("/*/icon-*"),
-				PathMapper.parsePath("/serverTime", List.of(HttpMethod.GET))
-			))
+				PathMapper.parsePath("/favicon.ico"),
+				PathMapper.pathWithMethod("/serverTime", List.of(HttpMethod.GET))))
 			.build();
 
 		return new PathResolver(path);

diff --git a/src/main/resources/config b/src/main/resources/config