nkey/colio
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

✏️ Fix: [#53] 쿠키 secure=True 및 커스텀url 유효성 검사 예외추가

Browse Source
This commit is contained in:
sm4640
2025-05-13 15:21:46 +09:00
parent 19d98e3c1c
commit 5b55d82917
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
users/views.py
View File

@@ -42,7 +42,7 @@ class RefreshAPIView(APIView):
serializer = TokenRefreshSerializer(data={'refresh': refresh}) serializer = TokenRefreshSerializer(data={'refresh': refresh})
if serializer.is_valid(): if serializer.is_valid():
res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK) res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK)
res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG) res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
return res return res
except TokenError as e: except TokenError as e:
return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED) return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED)
@@ -93,7 +93,7 @@ class GoogleLoginAPIView(APIView):
}, },
status=status.HTTP_200_OK, status=status.HTTP_200_OK,
) )
res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=not settings.DEBUG) res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=True)
return res return res
else: else:
return Response( return Response(
@@ -154,7 +154,7 @@ class LoginAPIView(APIView):
}, },
status=status.HTTP_200_OK, status=status.HTTP_200_OK,
) )
res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG) res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
return res return res
else: else:
return Response(serializer.errors) return Response(serializer.errors)
@@ -206,7 +206,7 @@ class SetPortofolioRequiredInfoAPIView(APIView):
def patch(self, request): def patch(self, request):
user = request.user user = request.user
serializer = SetPortofolioRequiredInfoSerializer(user, data=request.data) serializer = SetPortofolioRequiredInfoSerializer(user, data=request.data)
if serializer.is_valid(): if serializer.is_valid(raise_exception=True):
serializer.save() serializer.save()
user.is_custom_url = True user.is_custom_url = True
user.save() user.save()