
Commit d00d58c

authored
Merge pull request #32 from 9roomMoa/feat/#31
fix: google 로그인 리디렉트 버그 수정
2 parents c56792e + 900b763 commit d00d58c

5 files changed

Lines changed: 55 additions & 11 deletions


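--- a/src/main/java/com/groommoa/aether_back_spring/global/auth/controller/AuthController.java
+++ b/src/main/java/com/groommoa/aether_back_spring/global/auth/controller/AuthController.java
@@ -9,11 +9,19 @@
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
 import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.util.UriComponentsBuilder;
 
+import java.io.IOException;
+import java.net.URI;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -32,21 +40,27 @@ public class AuthController {
 * @return 로그인 성공 응답과 JWT access token
 */
 @GetMapping("/success")
-public ResponseEntity<CommonResponse> loginSuccess(HttpSession session) {
+public ResponseEntity<Void> loginSuccess(HttpSession session) throws IOException {
 // 세션에서 데이터 읽기
 String accessToken = (String) session.getAttribute("accessToken");
 Member member = (Member) session.getAttribute("member");
 
-// 소셜 로그인 성공 응답 객체 생성
-Map<String, Object> result = new HashMap<>();
-result.put("id", member.getId());
-result.put("username", member.getName());
-result.put("email", member.getEmail());
-result.put("accessToken", accessToken);
+// 프론트엔드 엔드포인트로 리다이렉트
+String baseFrontendUrl = "https://localhost:5173";
+String encodedUsername = Base64.getEncoder().encodeToString(member.getName().getBytes(StandardCharsets.UTF_8));
 
-CommonResponse response = new CommonResponse(
-HttpStatus.OK, "소셜 로그인에 성공했습니다.", result);
-return ResponseEntity.ok(response);
+HttpHeaders headers = new HttpHeaders();
+headers.setLocation(URI.create(baseFrontendUrl + "/sign-up"));
+
+// 쿠키로 사용자 데이터 전달
+headers.add(HttpHeaders.SET_COOKIE, "accessToken=" + accessToken + "; Secure; SameSite=None; Path=/; Max-Age=3600");
+headers.add(HttpHeaders.SET_COOKIE, "id=" + member.getId() + "; Secure; SameSite=None; Path=/; Max-Age=3600");
+headers.add(HttpHeaders.SET_COOKIE, "username=" + encodedUsername + "; Secure; SameSite=None; Path=/; Max-Age=3600");
+headers.add(HttpHeaders.SET_COOKIE, "email=" + member.getEmail() + "; Secure; SameSite=None; Path=/; Max-Age=3600");
+
+return ResponseEntity.status(HttpStatus.MOVED_PERMANENTLY)
+.headers(headers)
+.body(null);
 }
 
 /**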
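Review bot: The `accessToken` cookie added in `loginSuccess` is set with `Secure; SameSite=None` but no `HttpOnly`, so the JWT is readable by any script on the frontend origin and is attached to cross-site requests; unless the frontend must read it from JavaScript, build it with `ResponseCookie.from("accessToken", accessToken).httpOnly(true).secure(true).sameSite("None").path("/").maxAge(3600).build()` instead of string concatenation. The method also dereferences `member` without checking the session attributes, so if `/success` is reachable without a completed login, `member.getName()` throws a NullPointerException and a literal `accessToken=null` cookie could be issued; return 401 when either attribute is missing. `MOVED_PERMANENTLY` (301) is cacheable, so a browser may replay the redirect without contacting the server and therefore without fresh cookies; a 302 or 303 fits a per-login redirect better. The hard-coded `https://localhost:5173` looks like it was meant to come from configuration given the newly imported `@Value`, and `URLEncoder`, `UriComponentsBuilder` and the `throws IOException` clause appear unused in the visible lines.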

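--- a/src/main/java/com/groommoa/aether_back_spring/global/auth/handler/OAuth2SuccessHandler.java
+++ b/src/main/java/com/groommoa/aether_back_spring/global/auth/handler/OAuth2SuccessHandler.java
@@ -14,6 +14,8 @@
 import org.springframework.web.util.UriComponentsBuilder;
 
 import java.io.IOException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
 
 /**
 * OAuth2 인증 성공 후 실행되는 핸들러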

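--- a/src/main/java/com/groommoa/aether_back_spring/global/common/constants/HttpStatus.java
+++ b/src/main/java/com/groommoa/aether_back_spring/global/common/constants/HttpStatus.java
@@ -4,4 +4,5 @@ public final class HttpStatus {
 
 public static final int OK = 200;
 public static final int UNAUTHORIZED = 401;
+public static final int MOVED_PERMANENTLY = 301;
 }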

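--- a/src/main/java/com/groommoa/aether_back_spring/global/config/SecurityConfig.java
+++ b/src/main/java/com/groommoa/aether_back_spring/global/config/SecurityConfig.java
@@ -20,6 +20,11 @@
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+
+import java.util.Collections;
+import java.util.List;
 
 /**
 * Spring Security의 보안 설정을 담당하는 Spring Configuration
@@ -50,6 +55,25 @@ public WebSecurityCustomizer webSecurityCustomizer() {
 .requestMatchers("/error", "/favicon.ico"); // 에러 페이지 및 파비콘 요청 제외
 }
 
+/**
+* CORS 설정을 위한 CorsConfigurationSource를 정의
+* <P></P>
+* CORS 요청에 대해 허용할 설정 지정
+*/
+CorsConfigurationSource corsConfigurationSource() {
+return request -> {
+CorsConfiguration config = new CorsConfiguration();
+config.setAllowedHeaders(Collections.singletonList("*"));
+config.setAllowedMethods(Collections.singletonList("*"));
+config.setAllowedOriginPatterns(List.of(
+"http://localhost:5173",
+"https://localhost:5173"
+));
+config.setAllowCredentials(true);
+return config;
+};
+}
+
 /**
 * Spring Security의 보안 설정을 정의하는 SecurityFilterChain 생성
 * @param http HttpSecurity 객체
@@ -62,6 +86,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 // CSRF 보호 비활성화 (JWT 사용 시 필요)
 .csrf(AbstractHttpConfigurer::disable)
 
+// CORS 설정 적용
+.cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource()))
+
 // HTTP 기본 인증 비활성화 (JWT 사용)
 .httpBasic(AbstractHttpConfigurer::disable)
 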
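Review bot: `corsConfigurationSource()` hard-codes the allowed origins to `http://localhost:5173` and `https://localhost:5173` while enabling `setAllowCredentials(true)` with wildcard headers and methods, so a plain-http origin is trusted for credentialed requests and no deployed frontend origin can be allowed without a code change. Load the origin list from configuration, use `setAllowedOrigins(...)` since these are exact origins rather than patterns, and narrow methods and headers to what the API actually accepts. CSRF protection is disabled in this filter chain (the context line above the new `.cors(...)` call) and the same commit issues `SameSite=None` cookies, so confirm the backend never authenticates a request from the cookie; if it does, cross-site requests would carry the credential with no CSRF check. The `securityFilterChain` body continues outside the hunk, so how the JWT is read is not visible here.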
