로그인 쿠키 적용

src/main/java/kr/co/fastcampus/yanabada/common/security/oauth/Oauth2LoginSuccessHandler.java

@@ -55,7 +55,7 @@ public void onAuthenticationSuccess(
             /* 바로 로그인 */
             LoginRequest loginRequest = new LoginRequest(email, oauthPassword);
             LoginResponse loginResponse
-                = authService.loginOauth(loginRequest, ProviderType.valueOf(provider));
+                = authService.loginOauth(response, loginRequest, ProviderType.valueOf(provider));
 
             String loginResponseJson = objectMapper.writeValueAsString(loginResponse);
             response.setStatus(OK.value());

src/main/java/kr/co/fastcampus/yanabada/domain/auth/controller/AuthController.java

@@ -2,6 +2,7 @@
 
 import static kr.co.fastcampus.yanabada.common.jwt.constant.JwtConstant.AUTHORIZATION_HEADER;
 
+import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import kr.co.fastcampus.yanabada.common.jwt.dto.TokenRefreshResponse;
 import kr.co.fastcampus.yanabada.common.jwt.util.JwtUtils;
@@ -44,8 +45,11 @@ public ResponseBody<Long> oauthSignUp(@RequestBody @Valid OauthSignUpRequest sig
     }
 
     @PostMapping("/login")
-    public ResponseBody<LoginResponse> login(@RequestBody @Valid LoginRequest loginRequest) {
-        return ResponseBody.ok(authService.login(loginRequest));
+    public ResponseBody<LoginResponse> login(
+        HttpServletResponse response,
+        @RequestBody @Valid LoginRequest loginRequest
+    ) {
+        return ResponseBody.ok(authService.login(response, loginRequest));
     }
 
     @PostMapping("/logout")

src/main/java/kr/co/fastcampus/yanabada/domain/auth/service/AuthService.java

@@ -3,8 +3,12 @@
 import static kr.co.fastcampus.yanabada.domain.member.entity.ProviderType.EMAIL;
 import static kr.co.fastcampus.yanabada.domain.member.entity.RoleType.ROLE_USER;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.http.HttpServletResponse;
 import java.util.Random;
 import kr.co.fastcampus.yanabada.common.exception.EmailDuplicatedException;
+import kr.co.fastcampus.yanabada.common.exception.JsonProcessFailedException;
 import kr.co.fastcampus.yanabada.common.jwt.dto.TokenIssueResponse;
 import kr.co.fastcampus.yanabada.common.jwt.dto.TokenRefreshResponse;
 import kr.co.fastcampus.yanabada.common.jwt.service.TokenService;
@@ -13,12 +17,14 @@
 import kr.co.fastcampus.yanabada.domain.auth.dto.request.OauthSignUpRequest;
 import kr.co.fastcampus.yanabada.domain.auth.dto.request.SignUpRequest;
 import kr.co.fastcampus.yanabada.domain.auth.dto.response.LoginResponse;
+import kr.co.fastcampus.yanabada.domain.member.dto.response.MemberDetailResponse;
 import kr.co.fastcampus.yanabada.domain.member.entity.Member;
 import kr.co.fastcampus.yanabada.domain.member.entity.ProviderType;
 import kr.co.fastcampus.yanabada.domain.member.repository.MemberRepository;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.ResponseCookie;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -37,6 +43,7 @@ public class AuthService {
     private final JwtProvider jwtProvider;
     private final AuthenticationManagerBuilder authenticationManagerBuilder;
     private final TokenService tokenService;
+    private final ObjectMapper objectMapper;
     @Value("${spring.login.oauth2-password}")
     String oauthPassword;
 
@@ -87,32 +94,66 @@ private String getRandomProfileImage() {
     }
 
     @Transactional
-    public LoginResponse login(LoginRequest loginRequest) {
+    public LoginResponse login(
+        HttpServletResponse response, LoginRequest loginRequest
+    ) {
         UsernamePasswordAuthenticationToken authenticationToken = loginRequest.toAuthentication();
         authenticationManagerBuilder.getObject().authenticate(authenticationToken);
 
-        Member member = memberRepository.getMember(loginRequest.email(), EMAIL);
         TokenIssueResponse tokenIssue
             = tokenService.getTokenIssue(loginRequest.email(), EMAIL.name());
         if (tokenIssue == null) {
             tokenIssue = jwtProvider
                 .generateTokenInfo(loginRequest.email(), ROLE_USER.name(), EMAIL.name());
         }
+        Member member = memberRepository.getMember(loginRequest.email(), EMAIL);
+        storeValueInCookie(response, "accessToken", tokenIssue.accessToken());
+        storeValueInCookie(response, "refreshToken", tokenIssue.refreshToken());
+        storeValueInCookie(response, "member", getMemberDtoJsonStr(member));
         return LoginResponse.from(tokenIssue, member);
     }
 
     @Transactional
-    public LoginResponse loginOauth(LoginRequest loginRequest, ProviderType providerType) {
-        Member member = memberRepository.getMember(loginRequest.email(), providerType);
+    public LoginResponse loginOauth(
+        HttpServletResponse response,
+        LoginRequest loginRequest,
+        ProviderType providerType
+    ) {
         TokenIssueResponse tokenIssue
             = tokenService.getTokenIssue(loginRequest.email(), providerType.name());
         if (tokenIssue == null) {
             tokenIssue = jwtProvider
                 .generateTokenInfo(loginRequest.email(), ROLE_USER.name(), providerType.name());
         }
+        Member member = memberRepository.getMember(loginRequest.email(), providerType);
+        storeValueInCookie(response, "accessToken", tokenIssue.accessToken());
+        storeValueInCookie(response, "refreshToken", tokenIssue.refreshToken());
+        storeValueInCookie(response, "member", getMemberDtoJsonStr(member));
         return LoginResponse.from(tokenIssue, member);
     }
 
+    private void storeValueInCookie(
+        HttpServletResponse response, String key, String value
+    ) {
+        ResponseCookie cookie = ResponseCookie
+            .from(key, value)
+            .httpOnly(true)
+            .secure(true)
+            .path("/")
+            .sameSite("None")
+            .build();   //todo: domain 서브도메인 맞추기
+        response.addHeader("Set-Cookie", cookie.toString());
+    }
+
+    private String getMemberDtoJsonStr(Member member) {
+        try {
+            MemberDetailResponse memberDto = MemberDetailResponse.from(member);
+            return objectMapper.writeValueAsString(memberDto);
+        } catch (JsonProcessingException e) {
+            throw new JsonProcessFailedException();
+        }
+    }
+
     @Transactional
     public void logout(String refreshToken) {
         String email = jwtProvider.getEmail(refreshToken);