FIX : header에 토큰저장

Dongnaebangnae · May 4, 2024 · b0024de · b0024de
1 parent 963419b
commit b0024de
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthenticationFilter.java b/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthenticationFilter.java
@@ -75,7 +75,7 @@ protected void successfulAuthentication(HttpServletRequest request, HttpServletR
         log.info("accessCookie value : " + accessCookie.getValue());
         log.info("refreshCookie value : " + refreshCookie.getValue());
         response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token);
-        response.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",token));
+//        response.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",token));
 
         // refresh 토큰 redis에 저장
         redisTool.setValues(token.substring(7), refreshCookie.getValue(), Duration.ofMillis(jwtUtil.REFRESH_EXPIRATION_TIME));

diff --git a/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthorizationFilter.java b/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthorizationFilter.java
@@ -41,12 +41,12 @@ public class JwtAuthorizationFilter extends OncePerRequestFilter {
 
     @Override
     protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) throws ServletException, IOException {
-        String accessToken = jwtUtil.getTokenFromCookieAndName(req, JwtUtil.AUTHORIZATION_HEADER);
-//        String accessToken = jwtUtil.getJwtFromHeader(req);
+//        String accessToken = jwtUtil.getTokenFromCookieAndName(req, JwtUtil.AUTHORIZATION_HEADER);
+        String accessToken = jwtUtil.getJwtFromHeader(req);
         log.info("accessToken : "+ accessToken);
         if(StringUtils.hasText(accessToken)){
             // 토큰 유무 확인
-            accessToken = jwtUtil.substringToken(accessToken);
+//            accessToken = jwtUtil.substringToken(accessToken);
             String refreshToken =redisTool.getValues(accessToken);
             log.info("저장된 refreshToken :" + refreshToken);
 
@@ -71,7 +71,7 @@ protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res,
                     Cookie newAcessCookie = jwtUtil.createAccessCookie(newAccessToken);
                     log.info("발급한 유저의 email : " + email);
                     res.addHeader(JwtUtil.AUTHORIZATION_HEADER, newAccessToken);
-                    res.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",newAccessToken));
+//                    res.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",newAccessToken));
 
                     redisTool.deleteValues(accessToken);
                     log.info("기존 refreshToken 삭제 key :" + accessToken );

diff --git a/src/main/java/com/nawabali/nawabali/service/KakaoService.java b/src/main/java/com/nawabali/nawabali/service/KakaoService.java
@@ -162,8 +162,8 @@ private String jwtTokenCreate(User kakaoUser , HttpServletResponse response) thr
         log.info("accessCookie value : " + accessCookie.getValue());
         log.info("refreshCookie value : " + refreshCookie.getValue());
         // 6. 헤더 및 쿠키에 저장
-        response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token);
-        response.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",token));
+//        response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token);
+        response.addHeader("Set-Cookie", String.format("%s; Secure; HttpOnly; SameSite=None;",token));
 
 
         // 7. refresh 토큰 redis에 저장