fix: 쿠키 범용 처리 (#603) (#604)

woowacourse-teams · Sep 26, 2024 · 157de88 · 157de88
1 parent dcba85b
commit 157de88
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 11 deletions.
diff --git a/backend/src/main/java/site/coduo/member/controller/AuthController.java b/backend/src/main/java/site/coduo/member/controller/AuthController.java
@@ -5,6 +5,7 @@
 
 import java.net.URI;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseCookie;
@@ -33,12 +34,15 @@ public class AuthController implements AuthControllerDocs {
     private final AuthService authService;
     private final MemberService memberService;
 
+    @Value("${front.url}")
+    private String frontUrl;
+
     @GetMapping("/sign-out")
     public ResponseEntity<Void> signOut(@CookieValue(name = SIGN_IN_COOKIE_NAME) final String signInToken) {
         final SignInCookie cookie = new SignInCookie(signInToken);
 
         return ResponseEntity.ok()
-                .header(HttpHeaders.SET_COOKIE, cookie.expire().toString())
+                .header(HttpHeaders.SET_COOKIE, cookie.expire(frontUrl).toString())
                 .build();
     }
 
@@ -58,7 +62,7 @@ public ResponseEntity<SignInWebResponse> signInCallback(
             @SessionAttribute(name = ACCESS_TOKEN_SESSION_NAME) final String accessToken
     ) {
         final SignInServiceResponse serviceResponse = authService.createSignInToken(accessToken);
-        final ResponseCookie cookie = new SignInCookie(serviceResponse.token()).generate();
+        final ResponseCookie cookie = new SignInCookie(serviceResponse.token()).generate(frontUrl);
 
         return ResponseEntity.ok()
                 .header(HttpHeaders.SET_COOKIE, cookie.toString())

diff --git a/backend/src/main/java/site/coduo/member/controller/GithubOAuthController.java b/backend/src/main/java/site/coduo/member/controller/GithubOAuthController.java
@@ -56,7 +56,7 @@ public ResponseEntity<Void> getAccessToken(@ModelAttribute final GithubCallbackQ
         session.setMaxInactiveInterval(ACCESS_TOKEN_EXPIRE_IN_SECOND);
 
         return ResponseEntity.status(HttpStatus.FOUND)
-                .location(URI.create(frontUrl + "/callback"))
+                .location(URI.create("https://" + frontUrl + "/callback"))
                 .build();
     }
 }
diff --git a/backend/src/main/java/site/coduo/member/service/dto/auth/SignInCookie.java b/backend/src/main/java/site/coduo/member/service/dto/auth/SignInCookie.java
@@ -8,22 +8,20 @@
 
 public record SignInCookie(String credential) {
 
-    private static final String SERVICE_DOMAIN_NAME = "coduo.site";
-
-    public ResponseCookie generate() {
+    public ResponseCookie generate(final String domain) {
         return ResponseCookie.from(SIGN_IN_COOKIE_NAME)
                 .value(credential)
                 .httpOnly(true)
                 .secure(true)
-                .domain(SERVICE_DOMAIN_NAME)
+                .domain(domain)
                 .path("/")
                 .build();
     }
 
-    public ResponseCookie expire() {
+    public ResponseCookie expire(final String domain) {
         return ResponseCookie.from(SIGN_IN_COOKIE_NAME)
                 .maxAge(Duration.ZERO)
-                .domain(SERVICE_DOMAIN_NAME)
+                .domain(domain)
                 .path("/")
                 .build();
     }

diff --git a/backend/src/main/resources/application-prod.yml b/backend/src/main/resources/application-prod.yml
@@ -40,7 +40,7 @@ oauth:
     redirect-uri: ${CLIENT_REDIRECT_URI}
 
 front:
-  url: https://coduo.site
+  url: coduo.site
 
 jwt:
   sign-key: ${JWT_KEY}
diff --git a/backend/src/main/resources/application-test.yml b/backend/src/main/resources/application-test.yml
@@ -41,7 +41,7 @@ oauth:
     redirect-uri: ${CLIENT_REDIRECT_URI}
 
 front:
-  url: https://test.coduo.site
+  url: test.coduo.site
 
 jwt:
   sign-key: ${JWT_KEY}