From 029bf5ed4393d921e7869b629e7f452054a42b8e Mon Sep 17 00:00:00 2001
From: Kim Daehyeon
Date: Tue, 27 Feb 2024 23:42:27 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=8B=9C?= =?UTF-8?q?Cookie=EA=B0=80=20=EC=84=A4=EC=A0=95=EB=90=98=EC=A7=80=20?= =?UTF-8?q?=EC=95=8A=EB=8A=94=20=EB=AC=B8=EC=A0=9C=201=EC=B0=A8=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=20-=20#24?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../service/auth/AuthQueryServiceImpl.java | 23 +++++++++++--------
 1 file changed, 13 insertions(+), 10 deletions(-)
diff --git a/src/main/java/org/mjulikelion/baker/service/auth/AuthQueryServiceImpl.java b/src/main/java/org/mjulikelion/baker/service/auth/AuthQueryServiceImpl.java
index e14fc18..ed8afe4 100644
--- a/src/main/java/org/mjulikelion/baker/service/auth/AuthQueryServiceImpl.java
+++ b/src/main/java/org/mjulikelion/baker/service/auth/AuthQueryServiceImpl.java
@@ -4,15 +4,17 @@
 import static org.mjulikelion.baker.constant.SecurityConstant.ROOT_PATH;
 import static org.mjulikelion.baker.errorcode.ErrorCode.AUTHENTICATION_ERROR;
-import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletResponse;
+import java.time.Duration;
 import org.mjulikelion.baker.dto.request.auth.AuthLoginRequestDto;
 import org.mjulikelion.baker.dto.response.ResponseDto;
 import org.mjulikelion.baker.exception.AuthenticationException;
 import org.mjulikelion.baker.util.security.JwtEncoder;
 import org.mjulikelion.baker.util.security.JwtTokenProvider;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.server.Session.Cookie;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseCookie;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
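Review bot: The added `import org.springframework.boot.web.servlet.server.Session.Cookie;` pulls a server-configuration properties class into this service only to reach `Cookie.SameSite.LAX`, and it reuses the simple name `Cookie` that meant `jakarta.servlet.http.Cookie` in this file until this commit. `String.valueOf(...)` on the enum constant presumably yields its constant name `LAX` rather than the attribute spelling; browsers compare the value case-insensitively, so it works, but it hides the intent. Passing `Cookie.SameSite.LAX.attributeValue()` or the literal `"Lax"` to `.sameSite(...)` says what is sent on the wire, and the literal lets this import be dropped.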
@@ -45,16 +47,17 @@ public ResponseEntity> login(AuthLoginRequestDto authLoginRequ
 String jwtToken = jwtTokenProvider.generateToken(authentication).getAccessToken();
- Cookie cookie = new Cookie(ACCESS_TOKEN,
- JwtEncoder.encodeJwtBearerToken(jwtToken));
-
- cookie.setMaxAge(cookieMaxAge);
- cookie.setHttpOnly(true);
- cookie.setPath(ROOT_PATH);
- response.addCookie(cookie);
+ ResponseCookie cookie = ResponseCookie.from(ACCESS_TOKEN, JwtEncoder.encodeJwtBearerToken(jwtToken))
+ .secure(true)
+ .sameSite(String.valueOf(Cookie.SameSite.LAX))
+ .maxAge(Duration.ofMinutes(cookieMaxAge))
+ .httpOnly(true)
+ .path(ROOT_PATH)
+ .build();
+ response.addHeader("Set-Cookie", cookie.toString());
 } catch (Exception e) {
 throw new AuthenticationException(AUTHENTICATION_ERROR, e.getMessage());
 }
- return new ResponseEntity<>(ResponseDto.res(HttpStatus.OK, "OK"), HttpStatus.OK);
+ return new ResponseEntity<>(ResponseDto.res(HttpStatus.OK, "OK", null), HttpStatus.OK);
 }
-}
+}
\ No newline at end of file
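Review bot: `.maxAge(Duration.ofMinutes(cookieMaxAge))` reads in minutes the same `cookieMaxAge` value that the removed `cookie.setMaxAge(cookieMaxAge)` passed as seconds, so unless the configured value was lowered alongside this commit the access-token cookie now persists sixty times longer. If the property is still meant to be seconds, use `.maxAge(Duration.ofSeconds(cookieMaxAge))`; either way the cookie lifetime should not exceed the JWT's own expiry, which is set outside this hunk. The unchanged `catch (Exception e)` still forwards `e.getMessage()` into `AuthenticationException`; if that text reaches the response body it may reveal whether the account or the password was wrong, so a fixed message with the cause logged server-side would be safer. The body of `login` begins above the hunk.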