From a8d65ece5cc0d7ce9a3efbf7b4e9726e74807e0b Mon Sep 17 00:00:00 2001
From: sm4640
Date: Tue, 13 May 2025 15:19:43 +0900
Subject: [PATCH 1/3] =?UTF-8?q?=E2=9C=8F=EF=B8=8F=20Fix:=20[#53]=20https?= =?UTF-8?q?=EC=97=90=EC=84=9C=EB=A7=8C=20=EC=84=B8=EC=85=98=20=EC=BF=A0?= =?UTF-8?q?=ED=82=A4=20=EC=A0=84=EC=86=A1=20=EC=84=A4=EC=A0=95=20=EB=B0=8F?= =?UTF-8?q?=20=EC=97=91=EC=84=B8=EC=8A=A4=20=ED=86=A0=ED=81=B0=20=EC=9C=A0?= =?UTF-8?q?=ED=9A=A8=EA=B8=B0=EA=B0=84=20=EB=A1=A4=EB=B0=B1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 config/settings.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/config/settings.py b/config/settings.py
index 00b4048..41cf535 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -174,7 +174,7 @@ REST_FRAMEWORK = {
 REST_USE_JWT = True
 SIMPLE_JWT = {
- 'ACCESS_TOKEN_LIFETIME': timedelta(days=7), # minutes = 15
+ 'ACCESS_TOKEN_LIFETIME': timedelta(minutes= 15),
 'REFRESH_TOKEN_LIFETIME': timedelta(days=7),
 'ROTATE_REFRESH_TOKENS': True,
 'BLACKLIST_AFTER_ROTATION': True,
@@ -213,7 +213,7 @@ SESSION_EXPIRE_AT_BROWSER_CLOSE = True
 SESSION_COOKIE_AGE = 86400
 # https에서만 세션 쿠키가 전송 (default false) https 배포 시 true로
-SESSION_COOKIE_SECURE = False
+SESSION_COOKIE_SECURE = True
 GOOGLE_CLIENT_ID = env('GOOGLE_CLIENT_ID')
From 19d98e3c1c361babf70214441fa4e42526f8219e Mon Sep 17 00:00:00 2001
From: sm4640
Date: Tue, 13 May 2025 15:20:36 +0900
Subject: [PATCH 2/3] =?UTF-8?q?=E2=9C=A8=20Feat:=20[#53]=20custom=5Furl=20?= =?UTF-8?q?=EC=83=9D=EC=84=B1=20=EC=8B=9C=20serializer=20=EC=9C=A0?= =?UTF-8?q?=ED=9A=A8=EC=84=B1=20=EA=B2=80=EC=82=AC=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 users/serializers.py | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/users/serializers.py b/users/serializers.py
index 315224f..9110442 100644
--- a/users/serializers.py
+++ b/users/serializers.py
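Review bot: `SESSION_COOKIE_SECURE = True` in the second `config/settings.py` hunk is hard-coded, so the session cookie is never sent over plain HTTP in any environment, while the comment directly above it still describes the flag as something to switch on at HTTPS deployment. Reading it from the environment with a secure default keeps production safe and leaves a local HTTP run workable, e.g. `SESSION_COOKIE_SECURE = env.bool('SESSION_COOKIE_SECURE', default=True)`; this assumes `env` is a django-environ `Env`, which the `env('GOOGLE_CLIENT_ID')` call suggests but the hunk does not show. `CSRF_COOKIE_SECURE` is not visible in this hunk; if it is not set elsewhere in the file it should carry the same value. In the first hunk, `timedelta(minutes= 15)` has a stray space after `=`.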
@@ -30,6 +30,15 @@ class SetPortofolioRequiredInfoSerializer(serializers.ModelSerializer):
 model = User
 fields = ['custom_url', 'job_and_interests']
+ def validate(self, attrs):
+ custom_url = attrs.get("custom_url")
+
+ if custom_url and (" " in custom_url or "." in custom_url):
+ raise serializers.ValidationError({
+ "message": "하지말라면 하지 좀 마"
+ })
+
+ return super().validate(attrs)
 class TagUserSerializer(serializers.ModelSerializer):
 class Meta:
 model = User
From 5b55d82917b0ae514e0c5a7cfc3404582f167518 Mon Sep 17 00:00:00 2001
From: sm4640
Date: Tue, 13 May 2025 15:21:46 +0900
Subject: [PATCH 3/3] =?UTF-8?q?=E2=9C=8F=EF=B8=8F=20Fix:=20[#53]=20?= =?UTF-8?q?=EC=BF=A0=ED=82=A4=20secure=3DTrue=20=EB=B0=8F=20=EC=BB=A4?= =?UTF-8?q?=EC=8A=A4=ED=85=80url=20=EC=9C=A0=ED=9A=A8=EC=84=B1=20=EA=B2=80?= =?UTF-8?q?=EC=82=AC=20=EC=98=88=EC=99=B8=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 users/views.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/users/views.py b/users/views.py
index f8e557e..b0a18e9 100644
--- a/users/views.py
+++ b/users/views.py
@@ -42,7 +42,7 @@ class RefreshAPIView(APIView):
 serializer = TokenRefreshSerializer(data={'refresh': refresh})
 if serializer.is_valid():
 res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK)
- res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG)
+ res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
 return res
 except TokenError as e:
 return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED)
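Review bot: The new `validate` in `SetPortofolioRequiredInfoSerializer` is a denylist that rejects only a literal space and `.`, so `/`, `?`, `#`, `%`, tabs, newlines and other Unicode whitespace in `custom_url` still pass. If the value ends up in a URL path (inferred from the field name; the hunk does not show where it is used), an allowlist is the safer shape, for example `if custom_url and not re.fullmatch(r"[A-Za-z0-9_-]+", custom_url):`, with the character class adjusted to what the product allows and `import re` added at the top of the file, outside this hunk. The error is keyed under `"message"` and its text does not tell the client which characters are accepted; a field-level `validate_custom_url(self, value)` would attach the error to `custom_url`, and the message should state the rule.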
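Review bot: `samesite=None` on the changed `set_cookie` line in `RefreshAPIView` is the Python `None`, which Django treats as "emit no SameSite attribute" rather than `SameSite=None`, so the browser's default policy decides when the refresh cookie is sent. State the intent explicitly: `samesite="None"` (the string) if the front end is on another site and must send the cookie cross-site, in which case the refresh endpoint needs its own CSRF defence, otherwise `samesite="Lax"` or `samesite="Strict"`. The same line appears in the `GoogleLoginAPIView` and `LoginAPIView` hunks. The cookie is also set without `max_age`, which makes it a browser-session cookie although `REFRESH_TOKEN_LIFETIME` is seven days; confirm that is intended. The enclosing method starts and ends outside the hunk.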
@@ -93,7 +93,7 @@ class GoogleLoginAPIView(APIView):
 },
 status=status.HTTP_200_OK,
 )
- res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=not settings.DEBUG)
+ res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=True)
 return res
 else:
 return Response(
@@ -154,7 +154,7 @@ class LoginAPIView(APIView):
 },
 status=status.HTTP_200_OK,
 )
- res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG)
+ res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
 return res
 else:
 return Response(serializer.errors)
@@ -206,7 +206,7 @@ class SetPortofolioRequiredInfoAPIView(APIView):
 def patch(self, request):
 user = request.user
 serializer = SetPortofolioRequiredInfoSerializer(user, data=request.data)
- if serializer.is_valid():
+ if serializer.is_valid(raise_exception=True):
 serializer.save()
 user.is_custom_url = True
 user.save()
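Review bot: With `raise_exception=True` the `if` in `SetPortofolioRequiredInfoAPIView.patch` can no longer be false, because `is_valid` either returns `True` or raises `ValidationError`; an `else` branch below the hunk, if there is one, is now dead code. Call it as a statement, `serializer.is_valid(raise_exception=True)`, and dedent the three lines that follow. The invalid path in `LoginAPIView` (context of the previous hunk) still does `return Response(serializer.errors)` without an explicit status, which DRF sends as 200, so the views handle invalid input in two different ways; `status=status.HTTP_400_BAD_REQUEST` there, or the same `raise_exception=True` pattern, would make them agree. `patch` continues outside the hunk.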