Merge pull request #120 from wafflestudio/feat/socialLogin

aystoe · web-flow · commit e5d7a260b08a · 2026-05-07T14:43:51.000+09:00
Feat/social login
diff --git a/.idea/sqldialects.xml b/.idea/sqldialects.xml
diff --git a/hangsha/src/main/kotlin/com/team1/hangsha/config/SecurityConfig.kt b/hangsha/src/main/kotlin/com/team1/hangsha/config/SecurityConfig.kt
@@ -30,6 +30,7 @@ class SecurityConfig(
     @Bean
     fun filterChain(http: HttpSecurity): SecurityFilterChain {
         http
+            .cors { }
             .csrf { it.disable() }
             .formLogin { it.disable() }
             .httpBasic { it.disable() }
diff --git a/hangsha/src/main/kotlin/com/team1/hangsha/config/WebConfig.kt b/hangsha/src/main/kotlin/com/team1/hangsha/config/WebConfig.kt
@@ -3,6 +3,7 @@ package com.team1.hangsha.config
 import com.team1.hangsha.user.UserArgumentResolver
 import org.springframework.context.annotation.Configuration
 import org.springframework.web.method.support.HandlerMethodArgumentResolver
+import org.springframework.web.servlet.config.annotation.CorsRegistry
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
 
@@ -19,4 +20,16 @@ class WebConfig(
         registry.addResourceHandler("/static/**")
             .addResourceLocations("classpath:/static/")
     }
+
+    override fun addCorsMappings(registry: CorsRegistry) {
+        registry.addMapping("/**") // 모든 경로에 대해
+            .allowedOrigins(
+                "http://localhost:3000",                  // 로컬 프론트엔드
+                "https://hangsha-dev.wafflestudio.com",   // Dev 프론트엔드
+                "https://hangsha.wafflestudio.com"        // Prod 프론트엔드
+            )
+            .allowedMethods("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS")
+            .allowedHeaders("*")
+            .allowCredentials(true) // 🌟 쿠키 주고받기 허용 (매우 중요)
+    }
 }
diff --git a/hangsha/src/main/resources/application.yml b/hangsha/src/main/resources/application.yml
@@ -69,10 +69,6 @@ jwt:
   access-expiration-ms: 3600000
   refresh-expiration-ms: 1209600000
 
-auth: # default cookie setting
-  refresh-cookie:
-    secure: false
-    same-site: Lax
 
 springdoc:
   swagger-ui:
@@ -106,6 +102,10 @@ app:
   oauth2:
     front-redirect-uri: "http://localhost:3000/auth/callback"
 
+auth: # default cookie setting
+  refresh-cookie:
+    secure: false
+    same-site: Lax
 
 ---
 # ==========================================
@@ -118,6 +118,10 @@ spring:
 app:
   oauth2:
     front-redirect-uri: "https://hangsha-dev.wafflestudio.com/auth/callback"
+auth:
+  refresh-cookie:
+    secure: true
+    domain: ".wafflestudio.com"
 ---
 # ==========================================
 # prod
@@ -128,4 +132,8 @@ spring:
       on-profile: prod
 app:
   oauth2:
-    front-redirect-uri: "https://hangsha.wafflestudio.com/auth/callback"
+    front-redirect-uri: "https://hangsha.wafflestudio.com/auth/callback"
+auth:
+  refresh-cookie:
+    secure: true
+    domain: ".wafflestudio.com"
