🐛 Fix: [#30] 쿠키 secure=not settings.debug로 수정

sm4640
2025-04-12 15:53:08 +09:00
parent fffb0446c4
commit 493622ab7e


@@ -1,3 +1,5 @@
from django.conf import settings
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from rest_framework.views import APIView from rest_framework.views import APIView
@@ -28,7 +30,7 @@ class RefreshAPIView(APIView):
serializer = TokenRefreshSerializer(data={'refresh': refresh}) serializer = TokenRefreshSerializer(data={'refresh': refresh})
if serializer.is_valid(): if serializer.is_valid():
res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK) res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK)
res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite="Lax", secure=True) res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite="Lax", secure=not settings.DEBUG)
return res return res
except TokenError as e: except TokenError as e:
return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED) return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED)
@@ -75,7 +77,7 @@ class LoginAPIView(APIView):
}, },
status=status.HTTP_200_OK, status=status.HTTP_200_OK,
) )
res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite="Lax", secure=True) res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite="Lax", secure=not settings.DEBUG)
return res return res
else: else:
return Response(serializer.errors) return Response(serializer.errors)
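Review bot: Deriving the refresh cookie's `secure` flag from `not settings.DEBUG` in both `set_cookie` calls (RefreshAPIView and LoginAPIView) couples transport protection of a long-lived credential to the debug switch. Any host that runs with DEBUG enabled, such as a staging box or a production deploy with a wrong environment file, then issues the refresh token without the Secure attribute, and the browser will send it over plain HTTP. An explicit setting that defaults to secure keeps local HTTP development possible without that coupling, for example `secure=getattr(settings, "REFRESH_COOKIE_SECURE", True)`, where `REFRESH_COOKIE_SECURE` is a project-defined placeholder name that only the local settings file sets to False. The two calls pass identical arguments, so a shared helper such as `set_refresh_cookie(res, token)` would keep the cookie attributes from drifting between the views. Both view methods begin and end outside the hunks shown, so the surrounding handling is not visible here.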