deploy 1.13.4

rvbear · web-flow · commit 7fda0b5e0e67 · 2025-06-23T14:36:57.000+09:00
배포 1.13.4
diff --git a/src/main/java/com/day_walk/backend/domain/user/controller/UserController.java b/src/main/java/com/day_walk/backend/domain/user/controller/UserController.java
@@ -13,6 +13,7 @@
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseCookie;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
@@ -83,9 +84,11 @@ public ResponseEntity<Map<String, Object>> signIn(@RequestBody SignInUserDto sig
         response.put("userInfo", getUserBySignInDto);
 
         if (getUserBySignInDto != null) {
-            httpResponse.addCookie(generateCookie.exec("accessToken", jwtUtil.generateAccessToken(getUserBySignInDto.getUserId(), userService.getUserRole(getUserBySignInDto.getUserId()))));
+            ResponseCookie accessCookie = generateCookie.exec("accessToken", jwtUtil.generateAccessToken(getUserBySignInDto.getUserId(), userService.getUserRole(getUserBySignInDto.getUserId())));
+            ResponseCookie refreshCookie = generateCookie.exec("refreshToken", jwtUtil.generateRefreshToken(getUserBySignInDto.getUserId()));
 
-            httpResponse.addCookie(generateCookie.exec("refreshToken", jwtUtil.generateRefreshToken(getUserBySignInDto.getUserId())));
+            httpResponse.addHeader("Set-Cookie", accessCookie.toString());
+            httpResponse.addHeader("Set-Cookie", refreshCookie.toString());
 
             return ResponseEntity.status(HttpStatus.OK).body(response);
         }
diff --git a/src/main/java/com/day_walk/backend/global/token/GenerateCookie.java b/src/main/java/com/day_walk/backend/global/token/GenerateCookie.java
@@ -1,16 +1,21 @@
 package com.day_walk.backend.global.token;
 
-import jakarta.servlet.http.Cookie;
+import org.springframework.http.ResponseCookie;
 import org.springframework.stereotype.Component;
 
+import java.time.Duration;
+
 @Component
 public class GenerateCookie {
-    public Cookie exec(String tokenName, String token) {
-        Cookie cookie = new Cookie(tokenName, token);
-        cookie.setPath("/");
-        cookie.setHttpOnly(true);
-        cookie.setSecure(true);
-        cookie.setMaxAge(60*60*24);
+    public ResponseCookie exec(String tokenName, String token) {
+        ResponseCookie cookie = ResponseCookie
+                .from(tokenName, token)
+                .httpOnly(true)
+                .secure(true)
+                .sameSite("None")
+                .path("/")
+                .maxAge(Duration.ofDays(1))
+                .build();
 
         return cookie;
     }
diff --git a/src/main/java/com/day_walk/backend/global/token/JwtAuthenticationFilter.java b/src/main/java/com/day_walk/backend/global/token/JwtAuthenticationFilter.java
@@ -13,6 +13,7 @@
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseCookie;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -44,8 +45,8 @@ private String getTokenFromCookies(Cookie[] cookies, String tokenName) {
     }
 
     public void addToken(HttpServletResponse response, String tokenName, String token) {
-        Cookie cookie = generateCookie.exec(tokenName, token);
-        response.addCookie(cookie);
+        ResponseCookie responseCookie = generateCookie.exec(tokenName, token);
+        response.addHeader("Set-Cookie", responseCookie.toString());
     }
 
     @Override
