jisung-in · pdohyung · May 3, 2024 · Apr 14, 2024 · Apr 14, 2024 · Apr 14, 2024
diff --git a/src/main/java/com/jisungin/api/oauth/AuthInterceptor.java b/src/main/java/com/jisungin/api/oauth/AuthInterceptor.java
@@ -50,6 +50,7 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
         Long userId = Optional.ofNullable(session.getAttribute(JSESSION_ID))
                 .map(id -> (Long) id)
                 .orElseThrow(() -> new BusinessException(UNAUTHORIZED_REQUEST));
+        log.info("JSESSION_ID 조회 = {}", userId);
         authContext.setUserId(userId);
         return true;
     }
@@ -63,6 +64,7 @@ private boolean isAuthenticationNotRequired(HttpServletRequest request) {
     }
 
     private HttpSession getSession(HttpServletRequest request) {
+        log.info("세션 조회");
         HttpSession session = request.getSession(false);
 
         if (session == null) {

diff --git a/src/main/java/com/jisungin/api/oauth/OauthController.java b/src/main/java/com/jisungin/api/oauth/OauthController.java
@@ -8,10 +8,12 @@
 import jakarta.servlet.http.HttpSession;
 import lombok.RequiredArgsConstructor;
 import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.*;
 
 import static com.jisungin.api.oauth.AuthConstant.*;
 
+@Slf4j
 @RestController
 @RequiredArgsConstructor
 @RequestMapping("/v1/oauth")
@@ -25,6 +27,7 @@ public ApiResponse<Void> redirectAuthRequestUrl(
             @PathVariable OauthType oauthType,
             HttpServletResponse response
     ) {
+        log.info("redirect 요청");
         String redirectUrl = oauthService.getAuthCodeRequestUrl(oauthType);
         response.sendRedirect(redirectUrl);
         return ApiResponse.ok(null);
@@ -36,9 +39,11 @@ public ApiResponse<Void> login(
             @RequestParam("code") String code,
             HttpServletRequest request
     ) {
+        log.info("login 요청");
         Long userId = oauthService.login(oauthType, code);
         HttpSession session = request.getSession(true);
         session.setAttribute(JSESSION_ID, userId);
+        log.info("JSESSION_ID = {}", session.getAttribute(JSESSION_ID));
         return ApiResponse.ok(null);
     }
 

diff --git a/src/main/java/com/jisungin/config/WebConfig.java b/src/main/java/com/jisungin/config/WebConfig.java
@@ -13,7 +13,7 @@ public class WebConfig implements WebMvcConfigurer {
     @Override
     public void addCorsMappings(CorsRegistry registry) {
         registry.addMapping("/**")
-                .allowedOrigins("http://localhost:3000")
+                .allowedOrigins("http://localhost:3000", "https://api.jisungin.co.kr")
                 .allowedMethods(
                         HttpMethod.GET.name(),
                         HttpMethod.POST.name(),

diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -12,4 +12,11 @@ spring:
     include:
       - oauth
       - crawler
-      - s3
+      - s3
+
+server:
+  servlet:
+    session:
+      cookie:
+        same-site: none
+        secure: true