From 82e8bb4cbc5a7214c4b0e4b62d452ea3c4cae087 Mon Sep 17 00:00:00 2001
From: junpakPark <112045553+junpakPark@users.noreply.github.com>
Date: Sun, 17 Sep 2023 17:46:19 +0900
Subject: [PATCH 1/4] =?UTF-8?q?fix:=20RefreshToken=20Payload=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80=20=EB=B0=8F=20CORS=20=EC=99=84=ED=99=94?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../mapbefine/auth/infrastructure/JwtTokenProvider.java | 7 ++++---
 .../com/mapbefine/mapbefine/common/config/WebConfig.java | 2 --
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/backend/src/main/java/com/mapbefine/mapbefine/auth/infrastructure/JwtTokenProvider.java b/backend/src/main/java/com/mapbefine/mapbefine/auth/infrastructure/JwtTokenProvider.java
index 2e11a2ebe..f3ec2a3e7 100644
--- a/backend/src/main/java/com/mapbefine/mapbefine/auth/infrastructure/JwtTokenProvider.java
+++ b/backend/src/main/java/com/mapbefine/mapbefine/auth/infrastructure/JwtTokenProvider.java
@@ -11,14 +11,13 @@
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import java.util.Date;
+import java.util.UUID;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 @Component
 public class JwtTokenProvider implements TokenProvider {
- private static final String EMPTY = "";
-
 private final String secretKey;
 private final long accessExpirationTime;
 private final long refreshExpirationTime;
@@ -41,7 +40,9 @@ public String createAccessToken(String payload) {
 }
 public String createRefreshToken() {
- return createToken(EMPTY, refreshExpirationTime);
+ UUID payload = UUID.randomUUID();
+
+ return createToken(payload.toString(), refreshExpirationTime);
 }
 private String createToken(String payload, Long validityInMilliseconds) {
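Review bot: In JwtTokenProvider.createRefreshToken (hunk `@@ -41,7 +40,9 @@`) the UUID goes into the same `payload` slot and through the same `createToken` that `createAccessToken` uses, so nothing visible here marks a token as a refresh token. The body of createToken and the parsing side are outside the hunk, so this is inferred: if both kinds are signed with the same key, a refresh token presented where an access token is expected is turned away only because its payload does not read as an identifier. I would add a method comment such as `// Payload is a random, opaque uniqueness value; the owning member comes from the stored RefreshToken row, never from this claim.` and consider a dedicated token-type claim that is checked on parse. `UUID.randomUUID()` draws from a cryptographically strong generator, so the value itself is suitable as an unguessable identifier.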
diff --git a/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java b/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
index 2af70d483..e60ac9891 100644
--- a/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
+++ b/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
@@ -16,9 +16,7 @@ public class WebConfig implements WebMvcConfigurer {
 public void addCorsMappings(CorsRegistry registry) {
 registry.addMapping("/**")
 .allowedOrigins("http://localhost:3000", "https://mapbefine.kro.kr", "https://mapbefine.com")
- .allowedHeaders("refresh-token")
 .allowedMethods("*")
- .allowCredentials(true)
 .exposedHeaders(LOCATION, SET_COOKIE);
 }
From da5bfc12ea91d759c4e4f5ef4c53295f0da93ddd Mon Sep 17 00:00:00 2001
From: junpakPark <112045553+junpakPark@users.noreply.github.com>
Date: Sun, 17 Sep 2023 18:02:17 +0900
Subject: [PATCH 2/4] =?UTF-8?q?fix:=20Refresh=20Token=20Header=20=ED=97=88?= =?UTF-8?q?=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../java/com/mapbefine/mapbefine/common/config/WebConfig.java | 1 +
 1 file changed, 1 insertion(+)
diff --git a/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java b/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
index e60ac9891..a6629c6a5 100644
--- a/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
+++ b/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
@@ -16,6 +16,7 @@ public class WebConfig implements WebMvcConfigurer {
 public void addCorsMappings(CorsRegistry registry) {
 registry.addMapping("/**")
 .allowedOrigins("http://localhost:3000", "https://mapbefine.kro.kr", "https://mapbefine.com")
+ .allowedHeaders("refresh-token")
 .allowedMethods("*")
 .exposedHeaders(LOCATION, SET_COOKIE);
 }
From 4f570273b6448df0badfef3b058a154542712e6e Mon Sep 17 00:00:00 2001
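Review bot: `.allowedHeaders("refresh-token")` in WebConfig.addCorsMappings (PATCH 2/4, hunk `@@ -16,6 +16,7 @@`) makes that single name the whole request-header allow-list, so a preflight that lists any other header, for instance `Authorization` or `Content-Type` for a JSON body, would be refused by Spring's CORS handling. PATCH 3/4 replaces it with `.allowedHeaders(COOKIE)`, which narrows the list in the same way and permits nothing useful, because `Cookie` is a forbidden request header that browsers attach under the credentials mode and never list in `Access-Control-Request-Headers`. Which headers the frontend actually sends is not visible here; if it sends a bearer token or JSON, name those explicitly, e.g. `.allowedHeaders(AUTHORIZATION, CONTENT_TYPE)` with the matching static imports from `HttpHeaders`.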
From: junpakPark <112045553+junpakPark@users.noreply.github.com>
Date: Sun, 17 Sep 2023 19:19:18 +0900
Subject: [PATCH 3/4] =?UTF-8?q?fix:=20CORS=20=EC=9E=AC=EC=84=A4=EC=A0=95?= =?UTF-8?q?=20=EB=B0=8F=20sameSite=20None?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../mapbefine/auth/presentation/LoginController.java | 2 +-
 .../java/com/mapbefine/mapbefine/common/config/WebConfig.java | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/backend/src/main/java/com/mapbefine/mapbefine/auth/presentation/LoginController.java b/backend/src/main/java/com/mapbefine/mapbefine/auth/presentation/LoginController.java
index b7ca5d0b5..58a608e47 100644
--- a/backend/src/main/java/com/mapbefine/mapbefine/auth/presentation/LoginController.java
+++ b/backend/src/main/java/com/mapbefine/mapbefine/auth/presentation/LoginController.java
@@ -64,7 +64,7 @@ private ResponseCookie createCookie(String refreshToken) {
 return ResponseCookie.from("refresh-token", refreshToken)
 .httpOnly(true)
 .maxAge(TWO_WEEKS)
- .sameSite("Lax")
+ .sameSite("None")
 .secure(true)
 .path("/")
 .build();
diff --git a/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java b/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
index a6629c6a5..6cfddd360 100644
--- a/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
+++ b/backend/src/main/java/com/mapbefine/mapbefine/common/config/WebConfig.java
@@ -1,5 +1,6 @@
 package com.mapbefine.mapbefine.common.config;
+import static org.springframework.http.HttpHeaders.COOKIE;
 import static org.springframework.http.HttpHeaders.LOCATION;
 import static org.springframework.http.HttpHeaders.SET_COOKIE;
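Review bot: `.sameSite("None")` in LoginController.createCookie (hunk `@@ -64,7 +64,7 @@`) makes the browser attach the refresh-token cookie to every cross-site request, and with `.path("/")` that covers every endpoint of the API, so the cookie no longer carries any CSRF protection of its own. CORS limits which origins may read a response, not which may cause a request to be sent, so any handler that acts on this cookie needs its own check, such as comparing `Origin` against the allow-list or requiring a CSRF token. Narrowing the scope also helps, e.g. `.path("<token refresh endpoint path>")` so the cookie is sent only where it is consumed. If the frontend and the API turn out to be same-site, `"Lax"` would have been sufficient; that cannot be told from this hunk.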
@@ -16,8 +17,9 @@ public class WebConfig implements WebMvcConfigurer {
 public void addCorsMappings(CorsRegistry registry) {
 registry.addMapping("/**")
 .allowedOrigins("http://localhost:3000", "https://mapbefine.kro.kr", "https://mapbefine.com")
- .allowedHeaders("refresh-token")
+ .allowedHeaders(COOKIE)
 .allowedMethods("*")
+ .allowCredentials(true)
 .exposedHeaders(LOCATION, SET_COOKIE);
 }
From d19d77dc7329f7bb30d05aec6bd7a3f7f2f3c70b Mon Sep 17 00:00:00 2001
From: junpakPark <112045553+junpakPark@users.noreply.github.com>
Date: Mon, 18 Sep 2023 19:40:06 +0900
Subject: [PATCH 4/4] =?UTF-8?q?fix:=20refreshToken=20=EC=A1=B4=EC=9E=AC=20?= =?UTF-8?q?=EC=8B=9C=20=EC=82=AD=EC=A0=9C=20=EB=A1=9C=EC=A7=81=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../mapbefine/mapbefine/auth/application/TokenService.java | 6 +++---
 .../mapbefine/auth/domain/token/RefreshTokenRepository.java | 3 +--
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/backend/src/main/java/com/mapbefine/mapbefine/auth/application/TokenService.java b/backend/src/main/java/com/mapbefine/mapbefine/auth/application/TokenService.java
index 3344a6f95..0fb0bd0bb 100644
--- a/backend/src/main/java/com/mapbefine/mapbefine/auth/application/TokenService.java
+++ b/backend/src/main/java/com/mapbefine/mapbefine/auth/application/TokenService.java
@@ -26,8 +26,9 @@ public LoginTokens issueTokens(Long memberId) {
 String accessToken = tokenProvider.createAccessToken(String.valueOf(memberId));
 String refreshToken = tokenProvider.createRefreshToken();
- refreshTokenRepository.findByMemberId(memberId)
- .ifPresent(refreshTokenRepository::delete);
+ if (refreshTokenRepository.existsByMemberId(memberId)) {
+ refreshTokenRepository.deleteByMemberId(memberId);
+ }
 refreshTokenRepository.save(new RefreshToken(refreshToken, memberId));
@@ -58,5 +59,4 @@ public void removeRefreshToken(String refreshToken, String accessToken) {
 }
-
 }
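Review bot: `.allowCredentials(true)` in WebConfig.addCorsMappings (PATCH 3/4, hunk `@@ -16,8 +17,9 @@`) lets every origin in the unchanged `allowedOrigins` list make cookie-bearing calls and read the responses, and that list includes `http://localhost:3000`. On a deployed instance this gives whatever is served on that port of a user's own machine, over plain HTTP, the same standing as the production sites. The origin list is better taken from per-environment configuration so that localhost is allowed only in development. The `/**` mapping with `allowedMethods("*")` could be narrowed in the same pass once the set of cross-origin endpoints is known.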
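Review bot: The `existsByMemberId` check before `deleteByMemberId` in TokenService.issueTokens (PATCH 4/4, hunk `@@ -26,8 +26,9 @@`) adds a query without adding safety. Deleting for a member with no stored row already does nothing, and two concurrent logins for the same member can both pass the check, both delete and both `save`, which leaves two live refresh tokens unless the member column has a unique constraint. `refreshTokenRepository.deleteByMemberId(memberId);` on its own is equivalent and shorter. Derived delete methods in Spring Data JPA need an active transaction, and whether issueTokens or its class is `@Transactional` lies outside the hunk, so that is worth confirming; the delete and the save should commit together so that a failure between them cannot leave the old token valid or the member without one.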
diff --git a/backend/src/main/java/com/mapbefine/mapbefine/auth/domain/token/RefreshTokenRepository.java b/backend/src/main/java/com/mapbefine/mapbefine/auth/domain/token/RefreshTokenRepository.java
index 8fab50563..75838b309 100644
--- a/backend/src/main/java/com/mapbefine/mapbefine/auth/domain/token/RefreshTokenRepository.java
+++ b/backend/src/main/java/com/mapbefine/mapbefine/auth/domain/token/RefreshTokenRepository.java
@@ -1,11 +1,10 @@
 package com.mapbefine.mapbefine.auth.domain.token;
-import java.util.Optional;
 import org.springframework.data.jpa.repository.JpaRepository;
 public interface RefreshTokenRepository extends JpaRepository {
- Optional findByMemberId(Long memberId);
+ boolean existsByMemberId(Long memberId);
 void deleteByMemberId(Long memberId);