diff --git a/src/main/java/com/readyvery/readyverydemo/security/config/SpringSecurityConfig.java b/src/main/java/com/readyvery/readyverydemo/security/config/SpringSecurityConfig.java index 59d3c15..c692a03 100644 --- a/src/main/java/com/readyvery/readyverydemo/security/config/SpringSecurityConfig.java +++ b/src/main/java/com/readyvery/readyverydemo/security/config/SpringSecurityConfig.java @@ -59,7 +59,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { "/login", "/api/v1/store/**", "/api/v1/board/**", - "/api/v1/order/current" + "/api/v1/order/current", + "/api/v1/auth" ).permitAll() // 위를 제외한 나머지는 모두 허용 .anyRequest().authenticated() // 해당 요청은 인증이 필요함 ) diff --git a/src/main/java/com/readyvery/readyverydemo/security/jwt/service/JwtService.java b/src/main/java/com/readyvery/readyverydemo/security/jwt/service/JwtService.java index 7e94fbf..5623b92 100644 --- a/src/main/java/com/readyvery/readyverydemo/security/jwt/service/JwtService.java +++ b/src/main/java/com/readyvery/readyverydemo/security/jwt/service/JwtService.java @@ -50,6 +50,10 @@ public class JwtService { private String refreshCookie; @Value("${jwt.redirect-uri}") private String frontendUrl; + @Value("${jwt.access.cookie.domain}") + private String accessCookieDomain; + @Value("${jwt.refresh.cookie.domain}") + private String refreshCookieDomain; /** * AccessToken 생성 메소드 @@ -154,6 +158,8 @@ public void setAccessTokenCookie(HttpServletResponse response, String accessToke //accessTokenCookie.setHttpOnly(true); // JavaScript가 쿠키를 읽는 것을 방지 accessTokenCookie.setPath("/"); // 쿠키 경로 설정 + accessTokenCookie.setDomain(accessCookieDomain); + // 필요한 경우 Secure 플래그 설정 (HTTPS에서만 쿠키 전송) //accessTokenCookie.setSecure(true); @@ -171,11 +177,13 @@ public void setAccessTokenCookie(HttpServletResponse response, String accessToke /** * RefreshToken 헤더 설정 */ - public void setRefreshTokenCookie(HttpServletResponse response, String accessToken) { - Cookie refreshTokenCookie = new Cookie(refreshCookie, accessToken); // 쿠키 생성 + public void setRefreshTokenCookie(HttpServletResponse response, String refreshToken) { + Cookie refreshTokenCookie = new Cookie(refreshCookie, refreshToken); // 쿠키 생성 refreshTokenCookie.setHttpOnly(true); // JavaScript가 쿠키를 읽는 것을 방지 refreshTokenCookie.setPath("/api/v1/refresh/token"); // 쿠키 경로 설정 + refreshTokenCookie.setDomain(refreshCookieDomain); + // 필요한 경우 Secure 플래그 설정 (HTTPS에서만 쿠키 전송) // accessTokenCookie.setSecure(true); @@ -183,7 +191,7 @@ public void setRefreshTokenCookie(HttpServletResponse response, String accessTok // accessTokenCookie.setSameSite("Strict"); // 쿠키 만료 시간 설정 (예: 액세스 토큰 만료 시간과 같게 설정) - refreshTokenCookie.setMaxAge(accessTokenExpirationPeriod.intValue()); // 초 단위로 설정 + refreshTokenCookie.setMaxAge(refreshTokenExpirationPeriod.intValue()); // 초 단위로 설정 response.addCookie(refreshTokenCookie); // 응답에 쿠키 추가 } diff --git a/src/main/java/com/readyvery/readyverydemo/src/board/dto/BoardMapper.java b/src/main/java/com/readyvery/readyverydemo/src/board/dto/BoardMapper.java index 4b1b5f7..60cca00 100644 --- a/src/main/java/com/readyvery/readyverydemo/src/board/dto/BoardMapper.java +++ b/src/main/java/com/readyvery/readyverydemo/src/board/dto/BoardMapper.java @@ -30,7 +30,20 @@ public BoardSearchRes toBoardSearchRes(List stores) { throw new BusinessLogicException(ExceptionCode.STORE_NOT_FOUND); } return BoardSearchRes.builder() - .stores(stores.stream().map(this::toStoreDto).toList()) + .stores(stores.stream().map(this::toSearchStoreDto).toList()) + .build(); + } + + private StoreDto toSearchStoreDto(Store store) { + return StoreDto.builder() + .idx(store.getId()) + .name(store.getName()) + .address(store.getAddress()) + .imgUrl(store.getImgs().stream() + .filter(storeImg -> storeImg.getImgSize().equals(ImgSize.CAFE_LOGO)) + .findFirst() + .map(storeImg -> IMG_URL + store.getEngName() + "/" + storeImg.getImgUrl()) + .orElse(null)) .build(); } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 2078b44..bd2b58a 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -15,6 +15,8 @@ jwt.access.cookie=accessToken jwt.refresh.expiration=604800 jwt.refresh.cookie=refreshToken jwt.redirect-uri=http://localhost:3000/login +jwt.access.cookie.domain=localhost +jwt.refresh.cookie.domain=localhost # Kakao spring.security.oauth2.client.registration.kakao.client-id=f5153d4ff1ef221bc332da3ccfec5e81 spring.security.oauth2.client.registration.kakao.client-secret=E1YuDOXrG22kymEaB53kqRYvMJrt4z5f