🚀 프론트 https 설정

RetepMil · Oct 3, 2023 · bbaf114 · bbaf114
1 parent d3db0b7
commit bbaf114
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
@@ -4,7 +4,7 @@ on:
     branches:
       - "develop"
       - "main"
-      - "hotfix/cd-script"
+      - "infra/https-config"
   pull_request:
     branches:
       - "develop"

diff --git a/src/main/kotlin/retepmil/personal/dailysteady/common/security/config/WebConfig.kt b/src/main/kotlin/retepmil/personal/dailysteady/common/security/config/WebConfig.kt
@@ -12,7 +12,7 @@ class WebConfig : WebMvcConfigurer {
     // CORS 설정
     override fun addCorsMappings(registry: CorsRegistry) {
         registry.addMapping("/**")
-            .allowedOrigins("http://localhost:5173", "http://dailysteady.site/")
+            .allowedOrigins("http://localhost:5173", "https://dailysteady.site/")
             .allowedMethods("*")
             .allowCredentials(true)
             .exposedHeaders("*")

diff --git a/src/main/kotlin/retepmil/personal/dailysteady/common/security/jwt/JwtTokenProvider.kt b/src/main/kotlin/retepmil/personal/dailysteady/common/security/jwt/JwtTokenProvider.kt
@@ -125,15 +125,15 @@ class JwtTokenProvider(
             .value(refreshTokenValue)
             .path("/")
             .maxAge(maxAgeSeconds)
-            .httpOnly(false) // 배포 환경에서는 true로 설정 필요
+            .httpOnly(true)
             .secure(true)
             .sameSite("None")
             .build()
 
         fun generateAccessTokenCookie(accessTokenValue: String): ResponseCookie = ResponseCookie.from("x-access-token")
             .value(accessTokenValue)
             .maxAge(expirationMiliseconds)
-            .httpOnly(false)
+            .httpOnly(true)
             .secure(true)
             .sameSite("None")
             .build()