Skip to content

Commit

Permalink
🚑 Fix: JWT 토큰 인증 활성화 및 유효시간 12시간으로 확대 (#131)
Browse files Browse the repository at this point in the history
  • Loading branch information
@win-luck
win-luck committed Dec 4, 2023
1 parent 657081a commit 539f8d8
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/main/java/com/diareat/diareat/auth/component/JwtTokenProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ public String createToken(String userPk) {
return Jwts.builder()
.setClaims(claims) // 정보 저장
.setIssuedAt(now) // 토큰 발행 시간 정보
.setExpiration(new Date(now.getTime() + (360 * 60 * 1000L))) // 토큰 유효시각 설정 (360분)
.setExpiration(new Date(now.getTime() + (720 * 60 * 1000L))) // 토큰 유효시각 설정 (12시간)
.signWith(SignatureAlgorithm.HS256, secretKey) // 암호화 알고리즘과, secret 값
.compact();
}
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/com/diareat/diareat/config/WebSecurityConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
.and()
.authorizeRequests()
.antMatchers(AUTH_LIST).permitAll() // swagger 관련 URL은 인증 없이 접근 가능 (테스트용)
.antMatchers("/api/**").permitAll() // 회원가입/로그인 관련 URL은 인증 없이 접근 가능
.antMatchers("/api/auth/**").permitAll() // 회원가입/로그인 관련 URL은 인증 없이 접근 가능
.anyRequest().authenticated() // 나머지 모든 URL은 Jwt 인증 필요
.and()
.addFilterBefore(new JwtAuthFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter.class);
Expand Down

0 comments on commit 539f8d8

Please sign in to comment.