🚑 fix: Add cookie domain

- 쿠키 도메인 정보 추가 Related: #42
local-mood · Dec 23, 2023 · 384e2b3 · 384e2b3
1 parent 36503e5
commit 384e2b3
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/src/main/java/com/ceos/vote/auth/controller/AuthController.java b/src/main/java/com/ceos/vote/auth/controller/AuthController.java
@@ -9,6 +9,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.web.server.Cookie;
 import org.springframework.http.*;
 import org.springframework.web.bind.annotation.*;
@@ -18,6 +19,9 @@
 @RequiredArgsConstructor
 public class AuthController {
 
+    @Value("${domain}")
+    private String domain;
+
     private final long COOKIE_EXPIRATION = 7776000; // 90일
 
     private final AuthService authService;
@@ -38,6 +42,7 @@ public ResponseEntity<?> login(@RequestBody LoginRequestDto loginRequest) {
         HttpCookie httpCookie = ResponseCookie.from("refresh-token", tokenDto.getRefreshToken())
                 .maxAge(COOKIE_EXPIRATION)
                 .path("/")
+                .domain(domain)
                 .httpOnly(true)
                 .secure(true)
                 .sameSite(Cookie.SameSite.NONE.attributeValue())    //서드파티 쿠키 사용 허용
@@ -76,6 +81,7 @@ public ResponseEntity<?> reissue(@CookieValue("refresh-token") String requestRef
             ResponseCookie responseCookie = ResponseCookie.from("refresh-token", newAuthToken.getRefreshToken())
                     .maxAge(COOKIE_EXPIRATION)
                     .path("/")
+                    .domain(domain)
                     .httpOnly(true)
                     .secure(true)
                     .sameSite(Cookie.SameSite.NONE.attributeValue())

diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -42,4 +42,6 @@ server:
 
 springdoc:
   swagger-ui:
-    path: /swagger-vote.html
+    path: /swagger-vote.html
+
+domain: ENC(wtMoW4E5IOZgq215uWHzGsBlrqecbyNr9lsrql5da0LFtz4cywsN8Fap3bhNqVYQ0RuvblLIewQZo+u8pBCaFA==)