Merge branch 'main' of https://github.com/prgrms-web-devcourse-final-project/WEB6_8_HaeDokCoding_BE into dev

seungwookc97 · seungwookc97 · commit 864307162666 · 2025-10-13T22:04:23.000+09:00
diff --git a/src/main/java/com/back/domain/user/dto/RefreshTokenResDto.java b/src/main/java/com/back/domain/user/dto/RefreshTokenResDto.java
@@ -16,6 +16,5 @@ public static class UserInfoDto {
         private final String nickname;
         private final Boolean isFirstLogin;
         private final Double abvDegree;
-
     }
 }
diff --git a/src/main/java/com/back/domain/user/service/UserAuthService.java b/src/main/java/com/back/domain/user/service/UserAuthService.java
@@ -22,6 +22,8 @@
 import java.util.Optional;
 import java.util.Set;
 
+import static org.springframework.security.core.context.SecurityContextHolder.*;
+
 @Slf4j
 @Service
 @RequiredArgsConstructor
@@ -199,14 +201,30 @@ public RefreshTokenResDto refreshTokens(HttpServletRequest request, HttpServletR
 
     //토큰 끊기면서 OAuth 자동 로그아웃
     public void logout(HttpServletRequest request, HttpServletResponse response) {
+        // 1. RefreshToken DB에서 삭제
         String refreshToken = jwtUtil.getRefreshTokenFromCookie(request);
-
         if (refreshToken != null) {
             refreshTokenService.revokeToken(refreshToken);
         }
 
+        // 2. JWT 쿠키 삭제
         jwtUtil.removeAccessTokenCookie(response);
         jwtUtil.removeRefreshTokenCookie(response);
+
+        // 3. Spring Security 세션 무효화 (Redis 포함)
+        try {
+            if (request.getSession(false) != null) {
+                request.getSession().invalidate();
+                log.debug("세션 무효화");
+            }
+        } catch (IllegalStateException e) {
+            log.debug("세션이 이미 무효화되어 있음");
+        }
+
+        // 4. SecurityContext 클리어
+        clearContext();
+
+        log.info("로그아웃 완료 - JWT, 세션, SecurityContext 모두 정리됨");
     }
 
     @Transactional
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -102,11 +102,10 @@ custom:
   jwt:
     secretKey: ${JWT_SECRET_KEY}
   accessToken:
-    expirationSeconds: "#{60}" # 15분 곱하기
+    expirationSeconds: "#{60*15}"
   refreshToken:
     expirationSeconds: "#{60*60*24*30}"
-    idleTimeoutHours: "#{1}"
-#    "#{60*6*4}"
+    idleTimeoutHours: "#{60*6*4}"
 
 
 management:

Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,5 @@ public static class UserInfoDto {`
`16`	`16`	`private final String nickname;`
`17`	`17`	`private final Boolean isFirstLogin;`
`18`	`18`	`private final Double abvDegree;`
`19`		`-`
`20`	`19`	`}`
`21`	`20`	`}`