Skip to content

Fix/리프레시 토큰 생성 로직 수정 #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
GoGradually merged 1 commit into from
Dec 26, 2025
Merged

Fix/리프레시 토큰 생성 로직 수정 #7

GoGradually merged 1 commit into from
Dec 26, 2025

Conversation

@GoGradually
Copy link
Collaborator

@GoGradually GoGradually commented Dec 26, 2025

변경된 점

  • 리프레쉬 토큰을 재발급하지 않도록 수정 - 치명적 리프레쉬 토큰 탈취 방지

Copilot AI review requested due to automatic review settings December 26, 2025 09:09
Copilot AI reviewed Dec 26, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

이 PR은 리프레시 토큰 재발급 로직을 제거하여 토큰 탈취 공격에 대한 보안을 강화합니다.

  • /refresh 엔드포인트에서 새로운 리프레시 토큰 생성 및 쿠키 설정 로직 제거
  • 리프레시 토큰 rotation 전략에서 고정 토큰 전략으로 변경

@GoGradually GoGradually merged commit 7709ced into master Dec 26, 2025
7 checks passed
@GoGradually GoGradually deleted the fix/refresh-토큰-중복-발행-문제-해결 branch December 26, 2025 09:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@GoGradually