From 5b55d82917b0ae514e0c5a7cfc3404582f167518 Mon Sep 17 00:00:00 2001
From: sm4640
Date: Tue, 13 May 2025 15:21:46 +0900
Subject: [PATCH] =?UTF-8?q?=E2=9C=8F=EF=B8=8F=20Fix:=20[#53]=20=EC=BF=A0?= =?UTF-8?q?=ED=82=A4=20secure=3DTrue=20=EB=B0=8F=20=EC=BB=A4=EC=8A=A4?= =?UTF-8?q?=ED=85=80url=20=EC=9C=A0=ED=9A=A8=EC=84=B1=20=EA=B2=80=EC=82=AC?= =?UTF-8?q?=20=EC=98=88=EC=99=B8=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 users/views.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/users/views.py b/users/views.py
index f8e557e..b0a18e9 100644
--- a/users/views.py
+++ b/users/views.py
@@ -42,7 +42,7 @@ class RefreshAPIView(APIView):
 serializer = TokenRefreshSerializer(data={'refresh': refresh})
 if serializer.is_valid():
 res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK)
- res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG)
+ res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
 return res
 except TokenError as e:
 return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED)
@@ -93,7 +93,7 @@ class GoogleLoginAPIView(APIView):
 },
 status=status.HTTP_200_OK,
 )
- res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=not settings.DEBUG)
+ res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=True)
 return res
 else:
 return Response(
@@ -154,7 +154,7 @@ class LoginAPIView(APIView):
 },
 status=status.HTTP_200_OK,
 )
- res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG)
+ res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
 return res
 else:
 return Response(serializer.errors)
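Review bot: `samesite=None` on the new `set_cookie` line in RefreshAPIView is Python's `None`, which Django treats as "emit no SameSite attribute", so browsers apply their own default (typically Lax) and the refresh cookie is not sent on cross-site requests; the GoogleLoginAPIView and LoginAPIView hunks carry the same argument. If the cookie is meant to travel cross-site, which forcing `secure=True` suggests, the string form is needed: `samesite="None"`. Once that is in place the refresh endpoint is reachable with the cookie from any origin, so it should be covered by an explicit CSRF or Origin check; whether one exists is not visible here. Hard-coding `secure=True` also means the cookie is discarded over plain HTTP in local development, so a dedicated setting read from `settings` would keep that choice explicit. The view methods start and end outside these hunks.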
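Review bot: The trailing `else` in the LoginAPIView hunk returns `Response(serializer.errors)` without a status, so DRF answers with HTTP 200 on what appears to be the validation-failure branch of login. Clients, rate limiting and log-based detection that key on status codes will then read a rejected login as a success. I would change it to `return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)`. The matching `if` is outside the hunk, so confirm that this branch is indeed the invalid-credentials path.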
@@ -206,7 +206,7 @@ class SetPortofolioRequiredInfoAPIView(APIView):
 def patch(self, request):
 user = request.user
 serializer = SetPortofolioRequiredInfoSerializer(user, data=request.data)
- if serializer.is_valid():
+ if serializer.is_valid(raise_exception=True):
 serializer.save()
 user.is_custom_url = True
 user.save()
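Review bot: With `raise_exception=True` the `if` in `patch` can never be false, because invalid data raises `ValidationError` before the body runs, so the condition is redundant and any `else` that follows outside the hunk is now unreachable. Calling `serializer.is_valid(raise_exception=True)` as a plain statement and dedenting the body would make the control flow match what actually happens. The user row is also written twice, by `serializer.save()` and then `user.save()`. If the serializer is a ModelSerializer, `serializer.save(is_custom_url=True)` would set the flag in the same write, so it cannot be left unset when the second save fails. The rest of `patch` lies outside the hunk.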