Merge branch 'main' of https://github.com/prgrms-web-devcourse-final-project/WEB1_1_Bongdari_BE into refactor/60-modify-community-board-query

# Conflicts:
#	src/main/java/com/somemore/community/service/CommunityBoardQueryService.java

Author: ayoung-dev

.github/workflows/CD.yml

@@ -23,7 +23,10 @@ jobs:
       NAVER_CLIENT_ID: ${{ secrets.NAVER_CLIENT_ID }}
       NAVER_CLIENT_SECRET: ${{ secrets.NAVER_CLIENT_SECRET }}
       NAVER_SCOPE: ${{ secrets.NAVER_SCOPE }}
+      NAVER_REDIRECT_URL: ${{secrets.NAVER_REDIRECT_URL}}
       JWT_SECRET: ${{ secrets.JWT_SECRET }}
+      FRONT_URL: ${{secrets.FRONT_URL}}
+      BACK_URL: ${{secrets.BACK_URL}}
 
     steps:
       - name: Github Repository 파일 불러오기

.github/workflows/CI.yml

@@ -31,7 +31,10 @@ jobs:
       NAVER_CLIENT_ID: ${{ secrets.NAVER_CLIENT_ID }}
       NAVER_CLIENT_SECRET: ${{ secrets.NAVER_CLIENT_SECRET }}
       NAVER_SCOPE: ${{ secrets.NAVER_SCOPE }}
+      NAVER_REDIRECT_URL: ${{secrets.NAVER_REDIRECT_URL}}
       JWT_SECRET: ${{ secrets.JWT_SECRET }}
+      FRONT_URL: ${{secrets.FRONT_URL}}
+      BACK_URL: ${{secrets.BACK_URL}}
 
 
     steps:

src/main/java/com/somemore/auth/cookie/CookieService.java

@@ -0,0 +1,36 @@
+package com.somemore.auth.cookie;
+
+import com.somemore.auth.jwt.domain.TokenType;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseCookie;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+public class CookieService implements CookieUseCase {
+
+    @Override
+    public void setAccessToken(HttpServletResponse response, String value) {
+        ResponseCookie cookie = generateCookie(TokenType.ACCESS, value);
+        response.addHeader("Set-Cookie", cookie.toString());
+    }
+
+    @Override
+    public void deleteAccessToken(HttpServletResponse response) {
+        ResponseCookie cookie = generateCookie(TokenType.SIGNOUT, TokenType.SIGNOUT.name());
+        response.addHeader("Set-Cookie", cookie.toString());
+    }
+
+    private static ResponseCookie generateCookie(TokenType tokenType, String value) {
+        return ResponseCookie.from(TokenType.ACCESS.name(), value) // 덮어쓰기 위해서 고정 값
+                .httpOnly(true)
+                .secure(true)
+                .path("/")
+                .maxAge(tokenType.getPeriodInSeconds())
+                .sameSite("Lax")
+                .build();
+    }
+}

src/main/java/com/somemore/auth/cookie/CookieUseCase.java

@@ -0,0 +1,9 @@
+package com.somemore.auth.cookie;
+
+import jakarta.servlet.http.HttpServletResponse;
+
+public interface CookieUseCase {
+    void setAccessToken(HttpServletResponse response, String value);
+
+    void deleteAccessToken(HttpServletResponse response);
+}

src/main/java/com/somemore/auth/cookie/SetCookieService.java

@@ -5,7 +5,8 @@
 @Getter
 public enum TokenType {
     ACCESS(1000 * 60 * 30),
-    REFRESH(1000 * 60 * 60 * 24 * 7);
+    REFRESH(1000 * 60 * 60 * 24 * 7),
+    SIGNOUT(0);
 
     private final int period;
 

src/main/java/com/somemore/auth/cookie/SetCookieUseCase.java

@@ -1,6 +1,5 @@
 package com.somemore.auth.jwt.filter;
 
-import com.somemore.auth.UserRole;
 import com.somemore.auth.jwt.domain.EncodedToken;
 import com.somemore.auth.jwt.exception.JwtErrorType;
 import com.somemore.auth.jwt.exception.JwtException;

src/main/java/com/somemore/auth/jwt/domain/TokenType.java

@@ -1,4 +1,4 @@
-package com.somemore.auth;
+package com.somemore.auth.jwt.filter;
 
 public enum UserRole {
     VOLUNTEER,

src/main/java/com/somemore/auth/jwt/filter/JwtAuthFilter.java

@@ -26,10 +26,8 @@ public void save(RefreshToken refreshToken) {
     }
 
     @Override
-    public void removeRefreshToken(EncodedToken accessToken) {
-        RefreshToken refreshToken = refreshTokenRepository.findByAccessToken(accessToken.value())
-                .orElseThrow(() -> new JwtException(JwtErrorType.EXPIRED_TOKEN));
-
-        refreshTokenRepository.delete(refreshToken);
+    public void removeRefreshToken(String userId) {
+        refreshTokenRepository.findByUserId(userId)
+                .ifPresent(refreshTokenRepository::delete);
     }
 }