diff --git a/Gathering_be/src/main/java/com/Gathering_be/global/config/SecurityConfig.java b/Gathering_be/src/main/java/com/Gathering_be/global/config/SecurityConfig.java
index 34d25a2..2b7fe8a 100644
--- a/Gathering_be/src/main/java/com/Gathering_be/global/config/SecurityConfig.java
+++ b/Gathering_be/src/main/java/com/Gathering_be/global/config/SecurityConfig.java
@@ -9,7 +9,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
-import org.springframework.security.config.Customizer;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -67,6 +67,7 @@ public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exceptio
 @Order(2)
 public SecurityFilterChain apiFilterChain(HttpSecurity httpSecurity) throws Exception {
 return httpSecurity
+ .securityMatcher("/api/**")
 .csrf(AbstractHttpConfigurer::disable)
 .cors(cors -> cors.configure(httpSecurity))
 .formLogin(AbstractHttpConfigurer::disable)
@@ -80,10 +81,6 @@ public SecurityFilterChain apiFilterChain(HttpSecurity httpSecurity) throws Exce
 .sessionManagement(sessionManagement ->
 sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
 )
- .oauth2Login(Customizer.withDefaults())
- .sessionManagement(session ->
- session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
- )
 .exceptionHandling(handling -> handling
 .authenticationEntryPoint((request, response, authException) -> {
 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
diff --git a/Gathering_be/src/main/resources/application-dev.yml b/Gathering_be/src/main/resources/application-dev.yml
index e523819..2196524 100644
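Review bot: `import org.springframework.http.HttpMethod;` is added in the import hunk of SecurityConfig.java, but none of the added lines in this file's three hunks reference `HttpMethod`. If a method-scoped rule such as a `requestMatchers(HttpMethod.GET, ...)` entry was intended, it is not part of this commit. Otherwise drop the import so the configuration does not suggest a rule that is not there.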
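Review bot: With `.securityMatcher("/api/**")` added to `apiFilterChain` (SecurityConfig.java, hunk at -67,6), a request that matches neither this chain nor `swaggerFilterChain` is served with no Spring Security filters at all, so nothing outside `/api/**` gets the 401 entry point configured further down. The matcher of `swaggerFilterChain` and the controller mappings are outside the hunk, and `show-actuator: true` in application-dev.yml suggests actuator endpoints may exist, so confirm that no non-API route is left reachable unauthenticated. A lowest-priority catch-all chain that denies whatever the earlier chains did not claim closes the gap. The sketch below assumes there are no public non-API paths; any that exist need an explicit `permitAll()` rule. The body of `apiFilterChain` continues past the end of the hunk.

```java
// … unchanged: swaggerFilterChain and apiFilterChain (@Order(2)) …

@Bean
@Order(3)
public SecurityFilterChain fallbackFilterChain(HttpSecurity http) throws Exception {
    // No securityMatcher: catches every request the earlier chains did not claim.
    return http
            .authorizeHttpRequests(auth -> auth.anyRequest().denyAll())
            .build();
}
```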
--- a/Gathering_be/src/main/resources/application-dev.yml
+++ b/Gathering_be/src/main/resources/application-dev.yml
@@ -46,9 +46,10 @@ springdoc:
 show-actuator: true
 default-produces-media-type: application/json
-swagger:
- username: ${SWAGGER_USERNAME}
- password: ${SWAGGER_PASSWORD}
+gathering:
+ swagger:
+ username: ${SWAGGER_USERNAME}
+ password: ${SWAGGER_PASSWORD}
 oauth2:
 google:
diff --git a/Gathering_fe/src/components/GoogleRedirectHandler.tsx b/Gathering_fe/src/components/GoogleRedirectHandler.tsx
index faf9f3c..3d6802f 100644
--- a/Gathering_fe/src/components/GoogleRedirectHandler.tsx
+++ b/Gathering_fe/src/components/GoogleRedirectHandler.tsx
@@ -14,6 +14,7 @@ const GoogleRedirectHandler: React.FC = () => {
 const handleGoogleLogin = async () => {
 if (code) {
 try {
+ console.log(code);
 const result = await googleLogin(code);
 if (result?.success) {
diff --git a/Gathering_fe/src/services/authApi.tsx b/Gathering_fe/src/services/authApi.tsx
index 6c23e3d..8a42e1a 100644
--- a/Gathering_fe/src/services/authApi.tsx
+++ b/Gathering_fe/src/services/authApi.tsx
@@ -98,8 +98,8 @@ export const googleLogin = async (accessToken: string) => {
 if (response.data.status === 200) {
 const { accessToken, refreshToken } = response.data.data;
- cookies.set('accessToken', accessToken, { path: '/', secure: true, sameSite: 'strict' });
- cookies.set('refreshToken', refreshToken, { path: '/', secure: true, sameSite: 'strict' });
+ cookies.set('accessToken', accessToken, { path: '/', secure: true, sameSite: 'lax' });
+ cookies.set('refreshToken', refreshToken, { path: '/', secure: true, sameSite: 'lax' });
 return { success: true, message: response.data.message };
 }
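Review bot: The added `console.log(code);` in GoogleRedirectHandler.tsx writes the Google OAuth authorization code to the browser console before `googleLogin(code)` exchanges it. The code is a credential for as long as it is valid, and console output is readable by anything that captures console logs, such as error-reporting SDKs or a shared screen. It looks like leftover debugging, so delete the line. If a trace is needed, log only that a code arrived, e.g. `console.debug('google login: code received');`. `handleGoogleLogin` continues past the end of the hunk.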
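Review bot: Both token cookies in authApi.tsx are relaxed from `sameSite: 'strict'` to `'lax'`, and nothing in the commit says why the refresh token needs it. With `lax` the browser attaches the cookies to cross-site top-level GET navigations, and `apiFilterChain` in this same commit keeps CSRF protection disabled. Whether the backend accepts these cookies as credentials is not visible here, so confirm that it reads the token only from a header or that no GET endpoint changes state. If only the access token needs the relaxation, keep `cookies.set('refreshToken', refreshToken, { path: '/', secure: true, sameSite: 'strict' });`. Cookies written from client-side script also cannot be `HttpOnly`, so both tokens stay readable by any script on the page; `googleLogin` starts before and continues after the hunk.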