Gathering-Organization · hi2242 · Jul 3, 2025 · Jul 2, 2025 · Jul 2, 2025 · Jul 3, 2025
diff --git a/Gathering_be/src/main/java/com/Gathering_be/global/config/SecurityConfig.java b/Gathering_be/src/main/java/com/Gathering_be/global/config/SecurityConfig.java
@@ -9,7 +9,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
-import org.springframework.security.config.Customizer;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -67,6 +67,7 @@ public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exceptio
     @Order(2)
     public SecurityFilterChain apiFilterChain(HttpSecurity httpSecurity) throws Exception {
         return httpSecurity
+                .securityMatcher("/api/**")
                 .csrf(AbstractHttpConfigurer::disable)
                 .cors(cors -> cors.configure(httpSecurity))
                 .formLogin(AbstractHttpConfigurer::disable)
@@ -80,10 +81,6 @@ public SecurityFilterChain apiFilterChain(HttpSecurity httpSecurity) throws Exce
                 .sessionManagement(sessionManagement ->
                         sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 )
-                .oauth2Login(Customizer.withDefaults())
-                .sessionManagement(session ->
-                        session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-                )
                 .exceptionHandling(handling -> handling
                         .authenticationEntryPoint((request, response, authException) -> {
                             response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

diff --git a/Gathering_be/src/main/resources/application-dev.yml b/Gathering_be/src/main/resources/application-dev.yml
@@ -46,9 +46,10 @@ springdoc:
   show-actuator: true
   default-produces-media-type: application/json
 
-swagger:
-  username: ${SWAGGER_USERNAME}
-  password: ${SWAGGER_PASSWORD}
+gathering:
+  swagger:
+    username: ${SWAGGER_USERNAME}
+    password: ${SWAGGER_PASSWORD}
 
 oauth2:
   google:

diff --git a/Gathering_fe/src/components/GoogleRedirectHandler.tsx b/Gathering_fe/src/components/GoogleRedirectHandler.tsx
@@ -14,6 +14,7 @@ const GoogleRedirectHandler: React.FC = () => {
     const handleGoogleLogin = async () => {
       if (code) {
         try {
+          console.log(code);
           const result = await googleLogin(code);
 
           if (result?.success) {

diff --git a/Gathering_fe/src/services/authApi.tsx b/Gathering_fe/src/services/authApi.tsx
@@ -98,8 +98,8 @@ export const googleLogin = async (accessToken: string) => {
     if (response.data.status === 200) {
       const { accessToken, refreshToken } = response.data.data;
 
-      cookies.set('accessToken', accessToken, { path: '/', secure: true, sameSite: 'strict' });
-      cookies.set('refreshToken', refreshToken, { path: '/', secure: true, sameSite: 'strict' });
+      cookies.set('accessToken', accessToken, { path: '/', secure: true, sameSite: 'lax' });
+      cookies.set('refreshToken', refreshToken, { path: '/', secure: true, sameSite: 'lax' });
 
       return { success: true, message: response.data.message };
     }