Merge pull request #211 from OutDecision/issue/197

[UPDATE]: 로그인 쿠키 설정
OutDecision · May 26, 2024 · 4d9a6c8 · 4d9a6c8
2 parents 3229058 + f616e29
commit 4d9a6c8
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 8 deletions.
diff --git a/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TokenController.java b/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TokenController.java
@@ -9,7 +9,6 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RestController;
@@ -35,14 +34,12 @@ public ApiResponse<Object> logout(HttpServletResponse response) {
         return ApiResponse.onSuccess(null);
     }
 
-    @GetMapping("/token/refresh")
+    @PostMapping("/token/refresh")
     public ResponseEntity<ApiResponse<Object>> refresh(HttpServletResponse response) {
         String accessToken = findMemberService.getTokenFromCookies();
-        System.out.println("accessToken = " + accessToken);
         String newAccessToken = tokenService.republishAccessToken(accessToken, response);
-        System.out.println("newAccessToken = " + newAccessToken);
         if (StringUtils.hasText(newAccessToken)) {
-            System.out.println("변경 완");
+            // 클라이언트에게 응답할 때 쿠키를 변경한다.
             return ResponseEntity.ok(ApiResponse.onSuccess(newAccessToken));
         }
 

diff --git a/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java b/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java
@@ -54,6 +54,7 @@ public String republishAccessToken(String accessToken, HttpServletResponse respo
             // 액세스 토큰의 값을 수정해준다.
             resultToken.updateAccessToken(newAccessToken);
             tokenRepository.save(resultToken);
+            addCookie(response, "Authorization", newAccessToken, 60*60);
             log.info("Attempting to republish accessToken: {}", newAccessToken);
             // 새로운 액세스 토큰을 반환해준다.
             return newAccessToken;

diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java b/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java
@@ -58,10 +58,23 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             String newAccessToken = tokenService.republishAccessToken(atc, response);
 
             if (newAccessToken != null) {
-                addCookie(response, "Authorization", newAccessToken, 60 * 60);
                 log.info("토큰 발급 완료 필터 newAccessToken = {}", newAccessToken);
 
-                filterChain.doFilter(request, response);
+                // 원래 요청을 새로 만든 토큰으로 다시 수행
+                HttpServletRequestWrapper requestWrapper = new HttpServletRequestWrapper(request) {
+                    @Override
+                    public Cookie[] getCookies() {
+                        Cookie[] cookies = super.getCookies();
+                        for (Cookie cookie : cookies) {
+                            if ("Authorization".equals(cookie.getName())) {
+                                cookie.setValue(newAccessToken);
+                            }
+                        }
+                        return cookies;
+                    }
+                };
+
+                filterChain.doFilter(requestWrapper, response);
                 return;
             } else {
                 log.error("새로운 토큰 발급 실패");
@@ -95,4 +108,4 @@ public Authentication getAuthentication(SecurityUserDto member) {
         return new UsernamePasswordAuthenticationToken(member, "",
                 List.of(new SimpleGrantedAuthority(member.getRole())));
     }
-}
+}