diff --git a/src/main/java/com/wedit/weditapp/global/auth/jwt/JwtProvider.java b/src/main/java/com/wedit/weditapp/global/auth/jwt/JwtProvider.java index a044e37..ba1662b 100644 --- a/src/main/java/com/wedit/weditapp/global/auth/jwt/JwtProvider.java +++ b/src/main/java/com/wedit/weditapp/global/auth/jwt/JwtProvider.java @@ -84,8 +84,7 @@ public void setAccessTokenCookie(HttpServletResponse response, String accessToke accessCookie.setSecure(true); // HTTPS 상황에서만 전송 accessCookie.setPath("/"); accessCookie.setAttribute("SameSite", "None"); - //accessCookie.setDomain(cookieDomain); - accessCookie.setDomain("43.201.85.194.nip.io"); + accessCookie.setDomain(".wedit.site"); accessCookie.setMaxAge((int) TimeUnit.MILLISECONDS.toSeconds(accessTokenExpiry)); response.addCookie(accessCookie); @@ -100,8 +99,7 @@ public void setRefreshTokenCookie(HttpServletResponse response, String refreshTo refreshCookie.setSecure(true); // HTTPS 환경에서만 전송 refreshCookie.setPath("/"); refreshCookie.setAttribute("SameSite", "None"); - //refreshCookie.setDomain(cookieDomain); - refreshCookie.setDomain("43.201.85.194.nip.io"); + refreshCookie.setDomain(".wedit.site"); refreshCookie.setMaxAge((int) TimeUnit.MILLISECONDS.toSeconds(refreshTokenExpiry)); response.addCookie(refreshCookie); diff --git a/src/main/java/com/wedit/weditapp/global/auth/login/controller/AuthController.java b/src/main/java/com/wedit/weditapp/global/auth/login/controller/AuthController.java index f409c14..33a2a1b 100644 --- a/src/main/java/com/wedit/weditapp/global/auth/login/controller/AuthController.java +++ b/src/main/java/com/wedit/weditapp/global/auth/login/controller/AuthController.java @@ -15,7 +15,6 @@ import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; -import org.springframework.beans.factory.annotation.Value; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; 
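Review bot: `accessCookie.setDomain(".wedit.site")` in setAccessTokenCookie, and the same call on `refreshCookie` in setRefreshTokenCookie, scopes both JWT cookies to every host under wedit.site, so any other subdomain receives the tokens and can also overwrite them. If only the API host has to read them, dropping the `setDomain` call yields a host-only cookie, which is the narrowest scope available. The context lines keep `SameSite=None`; if the front end is served from wedit.site and the API from api.wedit.site, as the CORS list in SecurityConfig suggests, the two are same-site and `accessCookie.setAttribute("SameSite", "Lax");` would restore the browser's cross-site request protection. The localhost development origins are presumably why `None` was chosen, which is better handled per profile than in the production cookie. Both method bodies begin before their hunks, so whether `setHttpOnly(true)` is applied cannot be confirmed from here.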
@@ -26,9 +25,6 @@ @RequiredArgsConstructor public class AuthController { - @Value("${cookie-domain}") - private String cookieDomain; - private final JwtProvider jwtProvider; private final MemberRepository memberRepository; private final RefreshTokenService refreshTokenService; @@ -100,8 +96,7 @@ public ResponseEntity>> logout(HttpServlet private void expireCookie(HttpServletResponse response, String cookieName) { Cookie cookie = new Cookie(cookieName, null); - //cookie.setDomain(cookieDomain); - cookie.setDomain("43.201.85.194.nip.io"); + cookie.setDomain(".wedit.site"); cookie.setPath("/"); cookie.setHttpOnly(true); cookie.setSecure(true); diff --git a/src/main/java/com/wedit/weditapp/global/config/SecurityConfig.java b/src/main/java/com/wedit/weditapp/global/config/SecurityConfig.java index 7cf62be..0bfcd10 100644 --- a/src/main/java/com/wedit/weditapp/global/config/SecurityConfig.java +++ b/src/main/java/com/wedit/weditapp/global/config/SecurityConfig.java @@ -30,9 +30,6 @@ @RequiredArgsConstructor public class SecurityConfig { - // @Value("#{'${cors.allowed-origins}'.split(',')}") - // private String[] allowedOrigins; - private final JwtAuthenticationFilter jwtAuthenticationFilter; private final CustomOAuth2UserService customOAuth2UserService; private final OAuth2LoginSuccessHandler oAuth2LoginSuccessHandler; @@ -63,7 +60,6 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti "/api/decisions", "/api/comments/**") .permitAll() - //.anyRequest().permitAll() .anyRequest().authenticated() ) // 4. OAuth2 설정 
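Review bot: `cookie.setDomain(".wedit.site")` in expireCookie clears a cookie only when its Domain and Path match what JwtProvider set, and after this commit removes the `@Value("${cookie-domain}")` field the literal is duplicated in three places. If one copy is changed later, logout would still return success while the browser keeps the token cookies. A single source of truth avoids that, for example keeping the property and writing `cookie.setDomain(cookieDomain);` here and in JwtProvider, or giving JwtProvider a method that expires the cookies it issues. The remainder of expireCookie lies outside the hunk.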
@@ -82,14 +78,14 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti public CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); - //configuration.setAllowedOrigins(Arrays.asList(allowedOrigins)); configuration.setAllowedOrigins(Arrays.asList( "http://localhost:3000", "http://localhost:5173", "http://localhost:8080", "https://wedit.site", - "https://43.201.85.194.nip.io", - "https://wedit.site/oauth/callback/kakao" + "https://wedit.site/oauth/callback/kakao", + "https://api.wedit.site", + "https://api.wedit.site/oauth/callback/kakao" )); configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PATCH", "DELETE", "OPTIONS")); configuration.setAllowedHeaders(Arrays.asList("*"));
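Review bot: The two `.../oauth/callback/kakao` entries in the new `setAllowedOrigins` list are URLs with a path, not origins; the browser's Origin header carries only scheme, host and port, so they can never match and only obscure the real allow-list. The list also still contains three `http://localhost` origins in what appears to be the production configuration. With the token cookies issued as `SameSite=None`, and if credentials are enabled further down (not visible in this hunk), any page served on those local ports could make credentialed calls to the API. I would reduce the production list to `"https://wedit.site", "https://api.wedit.site"` and load development origins from a profile-specific property such as the `cors.allowed-origins` one whose commented-out use this commit deletes. corsConfigurationSource continues past the end of the hunk.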