hotfix: 로그아웃 시, cookie default value 지정

SSAF-SOUND · Oct 8, 2023 · 12488b8 · 12488b8
1 parent aa75402
commit 12488b8
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 3 deletions.
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java b/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java
@@ -48,8 +48,8 @@ public void socialLoginRedirect(@PathVariable(name = "oauthName") String oauthNa
 
     @DeleteMapping("/logout")
     public EnvelopeResponse<Void> logout(
-            @CookieValue(value = "accessToken") String accessToken,
-            @CookieValue(value = "refreshToken") String refreshToken,
+            @CookieValue(value = "accessToken", defaultValue = "") String accessToken,
+            @CookieValue(value = "refreshToken", defaultValue = "") String refreshToken,
             HttpServletResponse response) {
         authService.deleteTokens(accessToken, refreshToken);
         cookieProvider.setResponseWithCookies(response, null, null);

diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java b/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java
@@ -69,6 +69,8 @@ public Long getMemberIdByRefreshToken(String token) {
                     .getBody();
         } catch (ExpiredJwtException e) {
             throw new AuthException(AuthErrorInfo.AUTH_TOKEN_EXPIRED);
+        } catch (JwtException | IllegalArgumentException e) {
+            throw new AuthException(AuthErrorInfo.AUTH_TOKEN_INVALID);
         }
         return claims.get("memberId", Long.class);
     }

diff --git a/src/main/java/com/ssafy/ssafsound/global/config/WebMvcConfig.java b/src/main/java/com/ssafy/ssafsound/global/config/WebMvcConfig.java
@@ -5,14 +5,14 @@
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpHeaders;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
 import java.util.List;
 
 
@@ -47,6 +47,7 @@ public void addInterceptors(InterceptorRegistry registry) {
         registry.addInterceptor(authInterceptor)
                 .addPathPatterns("/**")
                 .excludePathPatterns("/auth/callback")
+                .excludePathPatterns("/auth/logout")
                 .excludePathPatterns("/members/nickname")
                 .excludePathPatterns("/boards");
     }