Merge pull request #56 from max2023-4th-project-01/fix/cors

fix: Refresh-Token 설정 추가 #55
max2023-4th-project-01 · Sep 11, 2023 · a56fc64 · a56fc64
2 parents 279605c + 43c3ecd
commit a56fc64
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 2 deletions.
diff --git a/be/src/main/java/kr/codesquad/core/config/SecurityConfig.java b/be/src/main/java/kr/codesquad/core/config/SecurityConfig.java
@@ -2,6 +2,7 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@@ -22,6 +23,7 @@
 import kr.codesquad.jwt.service.JwtAuthenticationSuccessHandler;
 import kr.codesquad.jwt.service.JwtProvider;
 import kr.codesquad.user.service.UserService;
+import kr.codesquad.util.Constants;
 import lombok.RequiredArgsConstructor;
 
 @EnableWebSecurity // spring security 설정을 활성화시켜주는 어노테이션
@@ -87,7 +89,8 @@ public CorsConfigurationSource configurationSource() {
 		configuration.addAllowedMethod("*"); // GET, POST, PUT, DELETE (Javascript 요청 허용)
 		configuration.addAllowedOriginPattern("*"); // 모든 IP 주소 허용 (프론트 앤드 IP만 허용 react)
 		configuration.setAllowCredentials(true); // 클라이언트에서 쿠키 요청 허용
-		configuration.addExposedHeader("Authorization"); // 옛날에는 디폴트 였다. 지금은 아닙니다.
+		configuration.addExposedHeader(HttpHeaders.AUTHORIZATION);// 옛날에는 디폴트 였다. 지금은 아닙니다.
+		configuration.addExposedHeader(Constants.REFRESH_TOKEN);
 		UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
 		source.registerCorsConfiguration("/**", configuration);
 		return source;

diff --git a/be/src/main/java/kr/codesquad/jwt/service/JwtAuthenticationSuccessHandler.java b/be/src/main/java/kr/codesquad/jwt/service/JwtAuthenticationSuccessHandler.java
@@ -46,7 +46,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 		userData.put("profileImageUrl", user.getProfileImageUrl());
 
 		response.setHeader(HttpHeaders.AUTHORIZATION, Constants.TOKEN_PREFIX + jwt.getAccessToken());
-		response.setHeader("Refresh-Token", Constants.TOKEN_PREFIX + jwt.getRefreshToken());
+		response.setHeader(Constants.REFRESH_TOKEN, Constants.TOKEN_PREFIX + jwt.getRefreshToken());
 		response.setContentType(MediaType.APPLICATION_JSON_VALUE);
 		response.getWriter().write(new ObjectMapper().writeValueAsString(userData));
 	}

diff --git a/be/src/main/java/kr/codesquad/util/Constants.java b/be/src/main/java/kr/codesquad/util/Constants.java
@@ -3,4 +3,6 @@
 public final class Constants {
 	public static final String LOGIN_ID = "loginId";
 	public static final String TOKEN_PREFIX = "Bearer ";
+
+	public static final String REFRESH_TOKEN = "Refresh-Token";
 }