diff --git a/src/main/java/univ/yesummit/global/auth/config/SecurityConfig.java b/src/main/java/univ/yesummit/global/auth/config/SecurityConfig.java index 1504265..76b6657 100644 --- a/src/main/java/univ/yesummit/global/auth/config/SecurityConfig.java +++ b/src/main/java/univ/yesummit/global/auth/config/SecurityConfig.java @@ -6,7 +6,6 @@ import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -14,15 +13,11 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.web.cors.CorsConfiguration; -import org.springframework.web.cors.CorsConfigurationSource; -import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.filter.OncePerRequestFilter; import univ.yesummit.global.auth.util.JwtUtils; import univ.yesummit.global.oauth.OAuth2MemberService; @@ -56,9 +51,6 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti // csrf 차단 .csrf(AbstractHttpConfigurer::disable) - // cors 설정 -// .cors(cors -> cors.configurationSource(corsConfigurationSource())) - // 시큐리티 기본 로그인 비활성화 .formLogin(AbstractHttpConfigurer::disable) .httpBasic(AbstractHttpConfigurer::disable) @@ -99,22 +91,6 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti .build(); } -// @Value("${cors.allowed-origins") -// private List allowOriginList; - -// @Bean -// public CorsConfigurationSource corsConfigurationSource() { -// CorsConfiguration configuration = new CorsConfiguration(); -// configuration.addAllowedOrigin("http://localhost:3000"); // 클라이언트 주소 -// configuration.addAllowedMethod("*"); -// configuration.addAllowedHeader("*"); -// configuration.setAllowCredentials(true); -// configuration.addExposedHeader("Authorization"); -// UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); -// source.registerCorsConfiguration("/**", configuration); -// return source; -// } - public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtUtils jwtUtils; diff --git a/src/main/java/univ/yesummit/global/auth/config/WebMvcConfig.java b/src/main/java/univ/yesummit/global/auth/config/WebMvcConfig.java index 372fcdd..994eaed 100644 --- a/src/main/java/univ/yesummit/global/auth/config/WebMvcConfig.java +++ b/src/main/java/univ/yesummit/global/auth/config/WebMvcConfig.java @@ -17,15 +17,6 @@ public class WebMvcConfig implements WebMvcConfigurer { private final AuthArgumentResolver authArgumentResolver; -// @Override -// public void addCorsMappings(final CorsRegistry registry ){ -// registry.addMapping("/**") -// .allowedOriginPatterns("*") -// .allowedMethods("PATCH","GET","POST","PUT","DELETE","HEAD","OPTIONS") -// .allowedHeaders("*") -// .allowCredentials(true); -// } - @Override public void addArgumentResolvers(List resolvers) { WebMvcConfigurer.super.addArgumentResolvers(resolvers); // 기존 Resolver diff --git a/src/main/java/univ/yesummit/global/auth/controller/AuthController.java b/src/main/java/univ/yesummit/global/auth/controller/AuthController.java index 796522b..4180dda 100644 --- a/src/main/java/univ/yesummit/global/auth/controller/AuthController.java +++ b/src/main/java/univ/yesummit/global/auth/controller/AuthController.java @@ -1,18 +1,11 @@ package univ.yesummit.global.auth.controller; import io.swagger.v3.oas.annotations.Operation; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpSession; -import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.view.RedirectView; - -import java.util.HashMap; -import java.util.Map; - @RestController @RequestMapping("/v1/api/kakao") public class AuthController { @@ -22,18 +15,4 @@ public class AuthController { public RedirectView login() { return new RedirectView("/oauth2/authorization/kakao"); } - - @GetMapping("/status") - @Operation(summary = "로그인 상태 확인", description = "사용자의 로그인 상태를 확인합니다.") - public ResponseEntity> getLoginStatus(HttpServletRequest request) { - // 쿠키 또는 세션에서 로그인 상태를 확인 - HttpSession session = request.getSession(false); // 세션이 없으면 null 반환 - boolean loggedIn = session != null && session.getAttribute("user") != null; - - // 응답 데이터 생성 - Map response = new HashMap<>(); - response.put("loggedIn", loggedIn); - - return ResponseEntity.ok(response); - } -} \ No newline at end of file +} diff --git a/src/main/java/univ/yesummit/global/oauth/OAuth2SuccessHandler.java b/src/main/java/univ/yesummit/global/oauth/OAuth2SuccessHandler.java index cf1ca06..37d5f4e 100644 --- a/src/main/java/univ/yesummit/global/oauth/OAuth2SuccessHandler.java +++ b/src/main/java/univ/yesummit/global/oauth/OAuth2SuccessHandler.java @@ -44,34 +44,20 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo throw new RuntimeException(e); } - // 토큰을 HttpOnly 쿠키에 저장 - int accessTokenMaxAge = jwtUtils.getAccessExpiration().intValue() / 1000; // 초 단위로 변환 - int refreshTokenMaxAge = jwtUtils.getRefreshExpiration().intValue() / 1000; + // 첫 로그인 여부 확인 + boolean isFirstLogin = memberService.isFirstLogin(memberId); - ResponseCookie accessTokenCookie = ResponseCookie.from("accessToken", accessToken) - .httpOnly(true) - .secure(true) // HTTPS에서만 동작 - .sameSite("None") - .path("/") - .maxAge(accessTokenMaxAge) - .build(); + // JSON 응답으로 전달할 데이터 생성 + Map responseData = new HashMap<>(); + responseData.put("accessToken", accessToken); + responseData.put("refreshToken", refreshToken); + responseData.put("firstLogin", isFirstLogin); - ResponseCookie refreshTokenCookie = ResponseCookie.from("refreshToken", refreshToken) - .httpOnly(true) - .secure(true) - .sameSite("None") - .path("/") - .maxAge(refreshTokenMaxAge) - .build(); + // JSON 응답 설정 + response.setContentType("application/json"); + response.setCharacterEncoding("UTF-8"); - response.addHeader("Set-Cookie", accessTokenCookie.toString()); - response.addHeader("Set-Cookie", refreshTokenCookie.toString()); - - // 첫 로그인 여부에 따라 리다이렉트 - if (memberService.isFirstLogin(memberId)) { - response.sendRedirect("http://localhost:3000/signup"); - } else { - response.sendRedirect("http://localhost:3000/home"); - } + // JSON 데이터를 응답으로 전송 + new ObjectMapper().writeValue(response.getWriter(), responseData); } } \ No newline at end of file