diff --git a/app/src/main/java/fc/be/app/common/authentication/controller/AuthController.java b/app/src/main/java/fc/be/app/common/authentication/controller/AuthController.java
index ac3b2db4..d59122dc 100644
--- a/app/src/main/java/fc/be/app/common/authentication/controller/AuthController.java
+++ b/app/src/main/java/fc/be/app/common/authentication/controller/AuthController.java
@@ -172,7 +172,6 @@ public void joinSpaceToken(@PathVariable Long spaceId, @RequestParam String code
 Instant expiredInstant = LocalDateTime.now().atZone(ZoneId.systemDefault()).toInstant();
 String expiredEmptyJwt = JWT.create().withExpiresAt(expiredInstant).sign(Algorithm.none());
 CookieUtil.addCookieNotHttpOnly(response, "join_space_token", expiredEmptyJwt, 60 * 5);
- CookieUtil.addCookieNotHttpOnlyForLocal(response, "join_space_token", expiredEmptyJwt, 60 * 5);
 response.sendRedirect("https://tripvote.site");
 return;
 }
@@ -180,7 +179,6 @@ public void joinSpaceToken(@PathVariable Long spaceId, @RequestParam String code
 JoinSpaceToken genRequest = JoinSpaceToken.unauthenticated(null, codeInfo.get("issuer"), spaceId);
 Token generatedToken = delegatingTokenManager.generate(genRequest);
 CookieUtil.addCookieNotHttpOnly(response, "join_space_token", generatedToken.getTokenValue(), 60 * 60 * 2);
- CookieUtil.addCookieNotHttpOnlyForLocal(response, "join_space_token", generatedToken.getTokenValue(), 60 * 60 * 2);
 response.sendRedirect("https://tripvote.site");
 }
diff --git a/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyLostPasswordRequest.java b/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyLostPasswordRequest.java
index 1b9a72d2..645ba82b 100644
--- a/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyLostPasswordRequest.java
+++ b/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyLostPasswordRequest.java
@@ -1,9 +1,9 @@
 package fc.be.app.common.authentication.controller.dto.request;
+import fc.be.app.domain.member.controller.validation.Password;
 import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
-import jakarta.validation.constraints.Pattern;
 public record ModifyLostPasswordRequest(
 @NotBlank
@@ -11,7 +11,7 @@ public record ModifyLostPasswordRequest(
 @Email
 @NotNull
 String email,
- @Pattern(regexp = "^(?=.*[a-zA-Z])(?=.*[!@#$%^&*()])(?=.*[0-9]).{8,16}$")
+ @Password
 String newPassword
 ) {
 }
diff --git a/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyPasswordRequest.java b/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyPasswordRequest.java
index 4e05e45e..2a75953c 100644
--- a/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyPasswordRequest.java
+++ b/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/ModifyPasswordRequest.java
@@ -1,12 +1,12 @@
 package fc.be.app.common.authentication.controller.dto.request;
+import fc.be.app.domain.member.controller.validation.Password;
 import jakarta.validation.constraints.NotBlank;
-import jakarta.validation.constraints.Pattern;
 public record ModifyPasswordRequest(
 @NotBlank
 String token,
- @Pattern(regexp = "^(?=.*[a-zA-Z])(?=.*[!@#$%^&*()])(?=.*[0-9]).{8,16}$")
+ @Password
 String newPassword
 ) {
 }
diff --git a/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/RegisterMemberRequest.java b/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/RegisterMemberRequest.java
index aceab810..520059e4 100644
--- a/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/RegisterMemberRequest.java
+++ b/app/src/main/java/fc/be/app/common/authentication/controller/dto/request/RegisterMemberRequest.java
@@ -1,5 +1,6 @@
 package fc.be.app.common.authentication.controller.dto.request;
+import fc.be.app.domain.member.controller.validation.Password;
 import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
@@ -11,7 +12,7 @@ public record RegisterMemberRequest(
 @Email
 @NotNull
 String email,
- @Pattern(regexp = "^(?=.*[a-zA-Z])(?=.*[!@#$%^&*()])(?=.*[0-9]).{8,16}$")
+ @Password
 String password,
 @NotBlank
 String nickname,
diff --git a/app/src/main/java/fc/be/app/domain/member/controller/MemberController.java b/app/src/main/java/fc/be/app/domain/member/controller/MemberController.java
index 9053981f..ad531082 100644
--- a/app/src/main/java/fc/be/app/domain/member/controller/MemberController.java
+++ b/app/src/main/java/fc/be/app/domain/member/controller/MemberController.java
@@ -24,6 +24,9 @@
 import fc.be.app.domain.wish.service.WishService;
 import fc.be.app.global.config.security.model.user.UserPrincipal;
 import fc.be.app.global.http.ApiResponse;
+import fc.be.app.global.util.CookieUtil;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.data.domain.Pageable;
@@ -96,11 +99,13 @@ public ApiResponse changeProfileAndNickname(@AuthenticationPrincipal UserP
 @PostMapping("/sign-out")
 @PreAuthorize("isAuthenticated()")
- public ApiResponse signOut(@AuthenticationPrincipal UserPrincipal userPrincipal, @Valid @RequestBody(required = false) DeleteMemberRequest request, @CookieValue(name = "access-token", required = false) String accessToken) {
+ public ApiResponse signOut(@AuthenticationPrincipal UserPrincipal userPrincipal, @Valid @RequestBody(required = false) DeleteMemberRequest request, @CookieValue(name = "access-token", required = false) String accessToken, HttpServletRequest servletRequest, HttpServletResponse servletResponse) {
 if (userPrincipal.authProvider() != AuthProvider.NONE) {
 ProviderMemberDeactivateRequest deactivateRequest = new ProviderMemberDeactivateRequest(userPrincipal.id(), accessToken);
 try {
 memberCommand.deactivate(deactivateRequest);
+ CookieUtil.deleteCookie(servletRequest, servletResponse, "access-token");
+ CookieUtil.deleteCookie(servletRequest, servletResponse, "refresh-token");
 } catch (AuthException exception) {
 throw exception;
 }
@@ -108,6 +113,8 @@ public ApiResponse signOut(@AuthenticationPrincipal UserPrincipal userPrin
 }
 MemberDeactivateRequest deactivateRequest = new MemberDeactivateRequest(userPrincipal.id(), request.password());
 memberCommand.deactivate(deactivateRequest);
+ CookieUtil.deleteCookie(servletRequest, servletResponse, "access-token");
+ CookieUtil.deleteCookie(servletRequest, servletResponse, "refresh-token");
 return ApiResponse.ok();
 }
 }
diff --git a/app/src/main/java/fc/be/app/domain/member/controller/dto/request/DeleteMemberRequest.java b/app/src/main/java/fc/be/app/domain/member/controller/dto/request/DeleteMemberRequest.java
index 3c165f0e..fd414c5b 100644
--- a/app/src/main/java/fc/be/app/domain/member/controller/dto/request/DeleteMemberRequest.java
+++ b/app/src/main/java/fc/be/app/domain/member/controller/dto/request/DeleteMemberRequest.java
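Review bot: Both branches of `MemberController.signOut` clear `access-token` and `refresh-token` but leave the `isLogin` cookie that the two login success handlers set, so a client that reads `isLogin` still sees a signed-in browser after the account is deactivated; add `CookieUtil.deleteCookie(servletRequest, servletResponse, "isLogin");` beside the new calls in both hunks of this file. The cookie names are string literals here, while the handlers take them from `tokenProperties.getAccessTokenName()` and `getRefreshTokenName()`, so a renamed token cookie would silently stop being cleared. `deleteCookie` itself is not shown in this diff; an expiring cookie only replaces the original when its Path and Domain match, which is worth confirming now that this commit changes the attributes `addCookie` sets. The part of `signOut` between the two hunks is outside the diff.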
@@ -1,9 +1,9 @@
 package fc.be.app.domain.member.controller.dto.request;
-import jakarta.validation.constraints.Pattern;
+import fc.be.app.domain.member.controller.validation.Password;
 public record DeleteMemberRequest(
- @Pattern(regexp = "^(?=.*[a-zA-Z])(?=.*[!@#$%^&*()])(?=.*[0-9]).{8,16}$")
+ @Password
 String password
 ) {
 }
diff --git a/app/src/main/java/fc/be/app/domain/member/controller/dto/response/MyInfoResponse.java b/app/src/main/java/fc/be/app/domain/member/controller/dto/response/MyInfoResponse.java
index c1cb9b8a..8f0b0a72 100644
--- a/app/src/main/java/fc/be/app/domain/member/controller/dto/response/MyInfoResponse.java
+++ b/app/src/main/java/fc/be/app/domain/member/controller/dto/response/MyInfoResponse.java
@@ -7,9 +7,10 @@ public record MyInfoResponse(
 String nickname,
 String email,
 String profile,
- AuthProvider provider
+ AuthProvider provider,
+ boolean isSubscribe
 ) {
 public static MyInfoResponse from(MemberQuery.MemberResponse memberResponse) {
- return new MyInfoResponse(memberResponse.nickname(), memberResponse.email(), memberResponse.profile(), memberResponse.provider());
+ return new MyInfoResponse(memberResponse.nickname(), memberResponse.email(), memberResponse.profile(), memberResponse.provider(), memberResponse.isSubscribe());
 }
 }
diff --git a/app/src/main/java/fc/be/app/domain/member/controller/validation/Password.java b/app/src/main/java/fc/be/app/domain/member/controller/validation/Password.java
new file mode 100644
index 00000000..5ac1de82
--- /dev/null
+++ b/app/src/main/java/fc/be/app/domain/member/controller/validation/Password.java
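Review bot: In `DeleteMemberRequest`, `@Password` on `password` now also applies the `@NotNull` that the new annotation composes, where the old `@Pattern` accepted a missing value. `MemberController.signOut` binds this record with `@Valid @RequestBody(required = false)` and reads `request.password()` only for non-provider accounts, so a social-login member who sends a body without a password would presumably now fail validation before the provider branch runs. This field is the current password being verified rather than a new one being chosen, so the format policy adds no protection here and would block account deletion for any member whose stored password predates a policy change. I would use `@NotBlank` on this field, or no constraint with the null case handled in the controller.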
@@ -0,0 +1,29 @@
+package fc.be.app.domain.member.controller.validation;
+
+import jakarta.validation.Constraint;
+import jakarta.validation.Payload;
+import jakarta.validation.ReportAsSingleViolation;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Pattern;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.*;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@NotNull
+@Pattern(regexp = "^(?=.*[a-zA-Z])(?=.*[!@#$%^&*()])(?=.*\\d).{8,16}$")
+@Documented
+@Constraint(validatedBy = {})
+@Target({METHOD, FIELD, ANNOTATION_TYPE, CONSTRUCTOR, PARAMETER, TYPE_USE})
+@Retention(RUNTIME)
+@ReportAsSingleViolation
+public @interface Password {
+ String message() default "유효하지 않은 비밀번호 폼입니다";
+
+ Class[] groups() default {};
+
+ Class[] payload() default {};
+}
\ No newline at end of file
diff --git a/app/src/main/java/fc/be/app/domain/member/service/MemberQuery.java b/app/src/main/java/fc/be/app/domain/member/service/MemberQuery.java
index 52bdf3dc..ddb7d799 100644
--- a/app/src/main/java/fc/be/app/domain/member/service/MemberQuery.java
+++ b/app/src/main/java/fc/be/app/domain/member/service/MemberQuery.java
@@ -42,7 +42,8 @@ record MemberResponse(
 String email,
 String nickname,
 String profile,
- AuthProvider provider
+ AuthProvider provider,
+ boolean isSubscribe
 ) {
 }
 }
diff --git a/app/src/main/java/fc/be/app/domain/member/service/MemberQueryHandler.java b/app/src/main/java/fc/be/app/domain/member/service/MemberQueryHandler.java
index 702105c0..11de9052 100644
--- a/app/src/main/java/fc/be/app/domain/member/service/MemberQueryHandler.java
+++ b/app/src/main/java/fc/be/app/domain/member/service/MemberQueryHandler.java
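Review bot: The `@Pattern` in the new `Password.java` caps passwords at 16 characters (`.{8,16}`), which rejects passphrases and most password-manager output; if the value is hashed through the `PasswordEncoder` before storage, as the security config's imports suggest, the upper bound can be raised, for example to `.{8,64}`, at no storage cost. The annotation is now the single definition of the password policy but carries no Javadoc. I would add a short comment above `public @interface Password` stating the rule (at least one letter, one digit and one of `!@#$%^&*()`, 8 to 16 characters), that null is rejected through the composed `@NotNull`, and that `@ReportAsSingleViolation` reports either failure under the single `message()`.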
@@ -29,7 +29,8 @@ public Optional findById(Long id) {
 member.getEmail(),
 member.getNickname(),
 member.getProfile(),
- member.getProvider()));
+ member.getProvider(),
+ member.isSubscription()));
 }
 @Override
@@ -42,7 +43,8 @@ public Optional find(MemberRequest request) {
 member.getEmail(),
 member.getNickname(),
 member.getProfile(),
- member.getProvider()));
+ member.getProvider(),
+ member.isSubscription()));
 }
 @Override
@@ -55,7 +57,8 @@ public Optional find(ProviderMemberRequest request) {
 member.getEmail(),
 member.getNickname(),
 member.getProfile(),
- member.getProvider()));
+ member.getProvider(),
+ member.isSubscription()));
 }
 @Override
diff --git a/app/src/main/java/fc/be/app/domain/notification/application/NotificationSubscribeService.java b/app/src/main/java/fc/be/app/domain/notification/application/NotificationSubscribeService.java
index 868ecc15..16851261 100644
--- a/app/src/main/java/fc/be/app/domain/notification/application/NotificationSubscribeService.java
+++ b/app/src/main/java/fc/be/app/domain/notification/application/NotificationSubscribeService.java
@@ -10,12 +10,14 @@
 import fc.be.app.domain.space.repository.JoinedMemberRepository;
 import fc.be.notification.application.NotificationSubscribePort;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 import java.util.List;
 import static fc.be.app.domain.notification.exception.NotificationErrorCode.NOT_FOUND_TOKEN;
 @Service
+@Transactional
 public class NotificationSubscribeService {
 private static final long GLOBAL_TOPIC_ID = 0;
diff --git a/app/src/main/java/fc/be/app/domain/notification/controller/NotificationTokenController.java b/app/src/main/java/fc/be/app/domain/notification/controller/NotificationTokenController.java
index 7d587bae..7360360d 100644
--- a/app/src/main/java/fc/be/app/domain/notification/controller/NotificationTokenController.java
+++ b/app/src/main/java/fc/be/app/domain/notification/controller/NotificationTokenController.java
@@ -7,6 +7,7 @@
 import fc.be.app.global.http.ApiResponse;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -19,6 +20,7 @@ public class NotificationTokenController {
 private final NotificationTokenRegisterService notificationTokenRegisterService;
 @PostMapping("/notifications/token")
+ @PreAuthorize("isAuthenticated()")
 public ApiResponse createFcmToken(
 @Valid @RequestBody TokenRegisterApiRequest request,
 @AuthenticationPrincipal UserPrincipal userPrincipal
diff --git a/app/src/main/java/fc/be/app/domain/place/service/PlaceService.java b/app/src/main/java/fc/be/app/domain/place/service/PlaceService.java
index 02e2fad5..fa4dcd29 100644
--- a/app/src/main/java/fc/be/app/domain/place/service/PlaceService.java
+++ b/app/src/main/java/fc/be/app/domain/place/service/PlaceService.java
@@ -8,7 +8,6 @@
 import fc.be.app.domain.place.exception.PlaceException;
 import fc.be.app.domain.place.repository.PlaceRepository;
 import fc.be.openapi.algolia.SearchEngineService;
-import fc.be.openapi.google.dto.review.APIRatingResponse;
 import fc.be.openapi.google.service.ReviewAPIService;
 import fc.be.openapi.tourapi.TourAPIService;
 import fc.be.openapi.tourapi.dto.response.bone.PlaceDTO;
@@ -93,11 +92,7 @@ public PlaceNearbyResponse bringNearbyPlaces(PlaceNearbyRequest placeNearbyReque
 throw new PlaceException(PLACE_NOT_LOADED);
 }
- List apiRatingResponses = places.stream()
- .map(place -> reviewAPIService.bringRatingCount(place.getTitle(), place.getContentTypeId()))
- .toList();
-
- return PlaceNearbyResponse.from(places).with(apiRatingResponses);
+ return PlaceNearbyResponse.from(places);
 }
 public PlacePopularGetResponse bringPopularPlaces(PlacePopularGetRequest placePopularGetRequest) {
diff --git a/app/src/main/java/fc/be/app/domain/vote/service/dto/response/vo/PlaceInfo.java b/app/src/main/java/fc/be/app/domain/vote/service/dto/response/vo/PlaceInfo.java
index f42e7105..758b25d4 100644
--- a/app/src/main/java/fc/be/app/domain/vote/service/dto/response/vo/PlaceInfo.java
+++ b/app/src/main/java/fc/be/app/domain/vote/service/dto/response/vo/PlaceInfo.java
@@ -4,6 +4,7 @@
 public record PlaceInfo(
 Integer placeId,
+ Integer contentTypeId,
 String placeName,
 String category,
 int areaCode,
@@ -14,6 +15,7 @@ public record PlaceInfo(
 public static PlaceInfo of(Place place) {
 return new PlaceInfo(
 place.getId(),
+ place.getContentTypeId().getId(),
 place.getTitle(),
 place.getCategory(),
 place.getLocation().getAreaCode(),
diff --git a/app/src/main/java/fc/be/app/global/config/security/SecurityAppConfig.java b/app/src/main/java/fc/be/app/global/config/security/SecurityAppConfig.java
index 5cb61b7e..f6e1c469 100644
--- a/app/src/main/java/fc/be/app/global/config/security/SecurityAppConfig.java
+++ b/app/src/main/java/fc/be/app/global/config/security/SecurityAppConfig.java
@@ -15,8 +15,8 @@
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
 import java.util.Arrays;
 import java.util.List;
@@ -44,7 +44,7 @@ public JwtAuthenticationFilter jwtAuthenticationFilter(JwtAuthenticationProvider
 @Bean
 @Profile("prod")
- public CorsConfigurationSource prodCorsFilter() {
+ public CorsFilter prodCorsFilter() {
 CorsConfiguration corsConfiguration = new CorsConfiguration();
 corsConfiguration.setAllowCredentials(true);
 corsConfiguration.setAllowedOrigins(corsProperties.getAllowedOrigins());
@@ -53,12 +53,12 @@ public CorsConfigurationSource prodCorsFilter() {
 Arrays.asList("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
 UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
 source.registerCorsConfiguration("/**", corsConfiguration);
- return source;
+ return new CorsFilter(source);
 }
 @Bean
 @Profile(value = {"default", "dev"})
- public CorsConfigurationSource developCorsFilter() {
+ public CorsFilter developCorsFilter() {
 CorsConfiguration corsConfiguration = new CorsConfiguration();
 corsConfiguration.setAllowCredentials(true);
 corsConfiguration.setAllowedOrigins(corsProperties.getAllowedOrigins());
@@ -67,6 +67,6 @@ public CorsConfigurationSource developCorsFilter() {
 corsConfiguration.addExposedHeader("*");
 UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
 source.registerCorsConfiguration("/**", corsConfiguration);
- return source;
+ return new CorsFilter(source);
 }
 }
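Review bot: `prodCorsFilter()` and `developCorsFilter()` in `SecurityAppConfig` now publish `CorsFilter` beans, and nothing in this diff shows how they are attached to the security filter chain. Spring Security's default `cors()` lookup uses a bean named `corsFilter` or a `CorsConfigurationSource`; a `CorsFilter` bean under another name is, under Spring Boot, registered as an ordinary servlet filter, and its order relative to the security chain decides whether an unauthenticated preflight `OPTIONS` request receives CORS headers or is rejected first. If the chain does not add the filter explicitly, I would name the bean `corsFilter` or give it an order ahead of the security filter, and add a one-line comment on each method saying which path is relied on. In `developCorsFilter()` the context line `addExposedHeader("*")` sits beside `setAllowCredentials(true)`; the wildcard is honoured only for non-credentialed requests, so the headers the client needs should be listed by name.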
diff --git a/app/src/main/java/fc/be/app/global/config/security/filter/JwtAuthenticationFilter.java b/app/src/main/java/fc/be/app/global/config/security/filter/JwtAuthenticationFilter.java
index fc6b2289..d8c46f3b 100644
--- a/app/src/main/java/fc/be/app/global/config/security/filter/JwtAuthenticationFilter.java
+++ b/app/src/main/java/fc/be/app/global/config/security/filter/JwtAuthenticationFilter.java
@@ -90,7 +90,6 @@ protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServle
 TokenPair newTokenPair = (TokenPair) jwtAuthToken.getCredentials();
 if (newTokenPair.isRegenerated()) {
 CookieUtil.addCookie(response, tokenProperties.getAccessTokenName(), newTokenPair.accessToken(), Integer.parseInt(tokenProperties.getAccessTokenCookieExpireTime()));
- CookieUtil.addCookieForLocal(response, tokenProperties.getAccessTokenName(), newTokenPair.accessToken(), Integer.parseInt(tokenProperties.getAccessTokenCookieExpireTime()));
 }
 }
 }
diff --git a/app/src/main/java/fc/be/app/global/config/security/handler/LoginAuthenticationSuccessHandler.java b/app/src/main/java/fc/be/app/global/config/security/handler/LoginAuthenticationSuccessHandler.java
index 5feacd34..bd9cd34c 100644
--- a/app/src/main/java/fc/be/app/global/config/security/handler/LoginAuthenticationSuccessHandler.java
+++ b/app/src/main/java/fc/be/app/global/config/security/handler/LoginAuthenticationSuccessHandler.java
@@ -50,14 +50,11 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 throw new InternalAuthenticationServiceException(ex.getMessage(), ex);
 }
 CookieUtil.addCookie(response, tokenProperties.getAccessTokenName(), accessToken, Integer.parseInt(tokenProperties.getAccessTokenCookieExpireTime()));
- CookieUtil.addCookieForLocal(response, tokenProperties.getAccessTokenName(), accessToken, Integer.parseInt(tokenProperties.getAccessTokenCookieExpireTime()));
 String refreshToken = refreshTokenService.refresh(accessToken, principal, (AuthenticationDetails) loginAuthentication.getDetails());
 CookieUtil.addCookie(response, tokenProperties.getRefreshTokenName(), refreshToken, Integer.parseInt(tokenProperties.getRefreshTokenCookieExpireTime()));
- CookieUtil.addCookieForLocal(response, tokenProperties.getRefreshTokenName(), refreshToken, Integer.parseInt(tokenProperties.getRefreshTokenCookieExpireTime()));
 CookieUtil.addSessionCookie(response, "isLogin", "true");
- CookieUtil.addSessionCookieForLocal(response, "isLogin", "true");
 response.setStatus(HttpStatus.OK.value());
 response.setContentType(MediaType.APPLICATION_JSON_VALUE);
diff --git a/app/src/main/java/fc/be/app/global/config/security/handler/OAuth2AuthenticationSuccessHandler.java b/app/src/main/java/fc/be/app/global/config/security/handler/OAuth2AuthenticationSuccessHandler.java
index 4fdf78a1..8413fdad 100644
--- a/app/src/main/java/fc/be/app/global/config/security/handler/OAuth2AuthenticationSuccessHandler.java
+++ b/app/src/main/java/fc/be/app/global/config/security/handler/OAuth2AuthenticationSuccessHandler.java
@@ -73,14 +73,11 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 throw new InternalAuthenticationServiceException(ex.getMessage(), ex);
 }
 CookieUtil.addCookie(response, tokenProperties.getAccessTokenName(), accessToken, Integer.parseInt(tokenProperties.getAccessTokenExpireTime()));
- CookieUtil.addCookieForLocal(response, tokenProperties.getAccessTokenName(), accessToken, Integer.parseInt(tokenProperties.getAccessTokenExpireTime()));
 String refreshToken = refreshTokenService.refresh(accessToken, userPrincipal, (AuthenticationDetails) oauth2Authentication.getDetails());
 CookieUtil.addCookie(response, tokenProperties.getRefreshTokenName(), refreshToken, Integer.parseInt(tokenProperties.getRefreshTokenCookieExpireTime()));
- CookieUtil.addCookieForLocal(response, tokenProperties.getRefreshTokenName(), refreshToken, Integer.parseInt(tokenProperties.getRefreshTokenCookieExpireTime()));
 CookieUtil.addSessionCookie(response, "isLogin", "true");
- CookieUtil.addSessionCookieForLocal(response, "isLogin", "true");
 response.sendRedirect("https://tripvote.site");
 }
diff --git a/app/src/main/java/fc/be/app/global/util/CookieUtil.java b/app/src/main/java/fc/be/app/global/util/CookieUtil.java
index 8c5f1c32..a43eaab5 100644
--- a/app/src/main/java/fc/be/app/global/util/CookieUtil.java
+++ b/app/src/main/java/fc/be/app/global/util/CookieUtil.java
@@ -20,17 +20,6 @@ public static Optional getCookie(HttpServletRequest request, String name
 return Optional.empty();
 }
- public static void addCookie(HttpServletResponse response, String name, String value, int maxAge) {
- Cookie cookie = new Cookie(name, value);
- cookie.setPath("/");
- cookie.setDomain("tripvote.site");
- cookie.setHttpOnly(true);
- cookie.setSecure(true);
- cookie.setAttribute("SameSite", "Lax");
- cookie.setMaxAge(maxAge);
- response.addCookie(cookie);
- }
-
 public static void addCookieNotHttpOnly(HttpServletResponse response, String name, String value, int maxAge) {
 Cookie cookie = new Cookie(name, value);
 cookie.setPath("/");
@@ -42,18 +31,7 @@ public static void addCookieNotHttpOnly(HttpServletResponse response, String nam
 response.addCookie(cookie);
 }
- public static void addSessionCookie(HttpServletResponse response, String name, String value) {
- Cookie cookie = new Cookie(name, value);
- cookie.setPath("/");
- cookie.setDomain("tripvote.site");
- cookie.setHttpOnly(false);
- cookie.setSecure(true);
- cookie.setAttribute("SameSite", "Lax");
- response.addCookie(cookie);
- }
-
- // TODO: Remove before product
- public static void addCookieForLocal(HttpServletResponse response, String name, String value, int maxAge) {
+ public static void addCookie(HttpServletResponse response, String name, String value, int maxAge) {
 Cookie cookie = new Cookie(name, value);
 cookie.setPath("/");
 cookie.setHttpOnly(true);
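Review bot: After the second `CookieUtil` hunk the surviving `addCookie` is the former `addCookieForLocal`, the method that carried `// TODO: Remove before product`, while the variant that called `cookie.setDomain("tripvote.site")` is the one deleted; the next hunk makes the same swap for `addSessionCookie`. The access, refresh and `isLogin` cookies therefore become host-only, while browsers that already hold the Domain-scoped cookies keep them until expiry, so two cookies with the same name can arrive on one request and a delete that does not name the old Domain will not clear the old one. If host-only is the intent, record it on `addCookie` with a comment such as `// Host-only on purpose: no Domain attribute, so the cookie is not shared with subdomains`, and expire the legacy Domain-scoped cookies once at login. `addCookieNotHttpOnly` is unchanged and most of its body is outside the hunks, so it is worth checking whether `join_space_token` still carries a Domain and is now inconsistent with the rest. The bodies of `addCookie` and `addSessionCookie` continue past the end of their hunks.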
@@ -63,17 +41,7 @@ public static void addCookieForLocal(HttpServletResponse response, String name,
 response.addCookie(cookie);
 }
- public static void addCookieNotHttpOnlyForLocal(HttpServletResponse response, String name, String value, int maxAge) {
- Cookie cookie = new Cookie(name, value);
- cookie.setPath("/");
- cookie.setHttpOnly(false);
- cookie.setSecure(true);
- cookie.setAttribute("SameSite", "Lax");
- cookie.setMaxAge(maxAge);
- response.addCookie(cookie);
- }
-
- public static void addSessionCookieForLocal(HttpServletResponse response, String name, String value) {
+ public static void addSessionCookie(HttpServletResponse response, String name, String value) {
 Cookie cookie = new Cookie(name, value);
 cookie.setPath("/");
 cookie.setHttpOnly(false);