diff --git a/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthenticationFilter.java b/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthenticationFilter.java
index f1f1a00..02d84fc 100644
--- a/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthenticationFilter.java
+++ b/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthenticationFilter.java
@@ -75,7 +75,7 @@ protected void successfulAuthentication(HttpServletRequest request, HttpServletR
 log.info("accessCookie value : " + accessCookie.getValue());
 log.info("refreshCookie value : " + refreshCookie.getValue());
 response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token);
- response.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",token));
+// response.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",token));
 // refresh 토큰 redis에 저장
 redisTool.setValues(token.substring(7), refreshCookie.getValue(), Duration.ofMillis(jwtUtil.REFRESH_EXPIRATION_TIME));
diff --git a/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthorizationFilter.java b/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthorizationFilter.java
index 01a62de..d211c2b 100644
--- a/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthorizationFilter.java
+++ b/src/main/java/com/nawabali/nawabali/security/Jwt/JwtAuthorizationFilter.java
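Review bot: The two `log.info` calls at the top of the JwtAuthenticationFilter hunk, inside `successfulAuthentication`, write the access and refresh cookie values to the application log at info level, so anyone who can read the logs obtains usable session credentials. The same happens with `log.info("accessToken : "+ accessToken)`, the stored refresh token and the deleted Redis key in both JwtAuthorizationFilter hunks, and with the cookie values in the KakaoService hunk. I would drop these lines or log only the event, for example `log.debug("issued access and refresh tokens")`. The superseded `addHeader` call is also better deleted than left behind as a `//` comment, here and in the second JwtAuthorizationFilter hunk; the method body starts and ends outside this hunk.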
@@ -41,12 +41,12 @@ public class JwtAuthorizationFilter extends OncePerRequestFilter {
 @Override
 protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) throws ServletException, IOException {
- String accessToken = jwtUtil.getTokenFromCookieAndName(req, JwtUtil.AUTHORIZATION_HEADER);
-// String accessToken = jwtUtil.getJwtFromHeader(req);
+// String accessToken = jwtUtil.getTokenFromCookieAndName(req, JwtUtil.AUTHORIZATION_HEADER);
+ String accessToken = jwtUtil.getJwtFromHeader(req);
 log.info("accessToken : "+ accessToken);
 if(StringUtils.hasText(accessToken)){ // 토큰 유무 확인
- accessToken = jwtUtil.substringToken(accessToken);
+// accessToken = jwtUtil.substringToken(accessToken);
 String refreshToken =redisTool.getValues(accessToken);
 log.info("저장된 refreshToken :" + refreshToken);
@@ -71,7 +71,7 @@ protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res,
 Cookie newAcessCookie = jwtUtil.createAccessCookie(newAccessToken);
 log.info("발급한 유저의 email : " + email);
 res.addHeader(JwtUtil.AUTHORIZATION_HEADER, newAccessToken);
- res.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",newAccessToken));
+// res.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",newAccessToken));
 redisTool.deleteValues(accessToken);
 log.info("기존 refreshToken 삭제 key :" + accessToken );
diff --git a/src/main/java/com/nawabali/nawabali/service/KakaoService.java b/src/main/java/com/nawabali/nawabali/service/KakaoService.java
index 2396dad..e568240 100644
--- a/src/main/java/com/nawabali/nawabali/service/KakaoService.java
+++ b/src/main/java/com/nawabali/nawabali/service/KakaoService.java
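Review bot: Taking the access token only from the request header via `jwtUtil.getJwtFromHeader(req)` in `doFilterInternal` does not line up with the KakaoService hunk of this commit, which comments out the `Authorization` response header and returns the token only in a `Set-Cookie` header marked `HttpOnly`. If that is the only place a Kakao login hands back the token, page script cannot read it to build the header and this filter would find no token for those users, so one transport should be chosen and used in all three files. With `substringToken` commented out, `redisTool.getValues(accessToken)` also relies on `getJwtFromHeader`, which is not shown, returning the token without its prefix, because JwtAuthenticationFilter stores the key as `token.substring(7)`; I would add `// key is the bare token, matching token.substring(7) at login` above the lookup. The body of `doFilterInternal` continues past this hunk.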
@@ -162,8 +162,8 @@ private String jwtTokenCreate(User kakaoUser , HttpServletResponse response) thr
 log.info("accessCookie value : " + accessCookie.getValue());
 log.info("refreshCookie value : " + refreshCookie.getValue());
 // 6. 헤더 및 쿠키에 저장
- response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token);
- response.addHeader(JwtUtil.AUTHORIZATION_HEADER, String.format("%s; Secure; HttpOnly; SameSite=None;",token));
+// response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token);
+ response.addHeader("Set-Cookie", String.format("%s; Secure; HttpOnly; SameSite=None;",token));
 // 7. refresh 토큰 redis에 저장