Refactor: 회원 탈퇴시 쿠키 삭제 되도록 수정

thelightway24 · thelightway24 · commit c6dff9a5a76c · 2025-07-23T12:14:09.000+09:00
diff --git a/src/main/java/com/likelion/ai_teacher_a/domain/user/controller/UserController.java b/src/main/java/com/likelion/ai_teacher_a/domain/user/controller/UserController.java
@@ -1,16 +1,19 @@
 package com.likelion.ai_teacher_a.domain.user.controller;
 
 import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import com.likelion.ai_teacher_a.domain.user.service.UserService;
 import com.likelion.ai_teacher_a.global.auth.resolver.annotation.LoginUserId;
+import com.likelion.ai_teacher_a.global.auth.util.dto.CookieResponse;
 
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 
 @Tag(name = "User Controller", description = "사용자 관련 API")
@@ -23,15 +26,18 @@ public class UserController {
 
 	@Operation(summary = "회원 탈퇴")
 	@DeleteMapping
-	public ResponseEntity<Void> deleteCurrentUser(@LoginUserId Long loginId) {
+	public ResponseEntity<Void> deleteCurrentUser(@LoginUserId Long loginId,
+		@CookieValue("refresh_token") String refreshToken) {
 
-		userService.deleteUserById(loginId);
+		userService.deleteUserById(loginId, refreshToken);
 		return ResponseEntity.noContent().build();
 	}
 
 	@PostMapping("/logout")
-	public ResponseEntity<?> logout(@LoginUserId Long userId) {
-		userService.deleteRefreshToken(userId);
+	public ResponseEntity<?> logout(@LoginUserId Long userId, @CookieValue("refresh_token") String refreshToken,
+		HttpServletResponse resp) {
+		CookieResponse result = userService.deleteRefreshToken(userId, refreshToken);
+		resp.addCookie(result.cookie());
 		return ResponseEntity.ok().build();
 	}
 
diff --git a/src/main/java/com/likelion/ai_teacher_a/domain/user/service/UserService.java b/src/main/java/com/likelion/ai_teacher_a/domain/user/service/UserService.java
@@ -7,10 +7,13 @@
 import com.likelion.ai_teacher_a.domain.user.entity.User;
 import com.likelion.ai_teacher_a.domain.user.repository.UserRepository;
 import com.likelion.ai_teacher_a.domain.userJr.repository.UserJrRepository;
+import com.likelion.ai_teacher_a.global.auth.util.CookieUtils;
 import com.likelion.ai_teacher_a.global.auth.util.JwtUtil;
+import com.likelion.ai_teacher_a.global.auth.util.dto.CookieResponse;
 import com.likelion.ai_teacher_a.global.exception.CustomException;
 import com.likelion.ai_teacher_a.global.exception.ErrorCode;
 
+import jakarta.servlet.http.Cookie;
 import jakarta.transaction.Transactional;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
@@ -29,19 +32,21 @@ public class UserService {
 	private final JwtUtil jwtUtil;
 
 	@Transactional
-	public void deleteUserById(Long id) {
+	public void deleteUserById(Long id, String refreshToken) {
 		User user = userRepository.findById(id)
 			.orElseThrow(() -> new CustomException(ErrorCode.USER_NOT_FOUND));
 
-		userRepository.deleteById(user.getId());
+		userRepository.deleteById(id);
+		deleteRefreshToken(id, refreshToken);
 	}
 
 	@Transactional
-	public void deleteRefreshToken(Long userId) {
+	public CookieResponse deleteRefreshToken(Long userId, String refreshToken) {
 		User user = userRepository.findById(userId)
 			.orElseThrow(() -> new CustomException(ErrorCode.USER_NOT_FOUND));
 		user.setRefreshToken(null);
-
+		Cookie cookie = CookieUtils.deleteRefeshTokenCookie(refreshToken);
+		return CookieResponse.builder().cookie(cookie).build();
 	}
 }
 
diff --git a/src/main/java/com/likelion/ai_teacher_a/global/auth/util/CookieUtils.java b/src/main/java/com/likelion/ai_teacher_a/global/auth/util/CookieUtils.java
@@ -67,4 +67,15 @@ public static Cookie createRefeshTokenCookie(String newRefreshToken) {
 		refreshTokenCookie.setMaxAge(60 * 60 * 24 * 7);
 		return refreshTokenCookie;
 	}
+
+	public static Cookie deleteRefeshTokenCookie(String refreshToken) {
+		Cookie refreshTokenCookie = new Cookie("refresh_token", refreshToken);
+		refreshTokenCookie.setHttpOnly(true);
+		refreshTokenCookie.setSecure(true);
+		refreshTokenCookie.setPath("/");
+		refreshTokenCookie.setDomain("ai-teacher-back-latest.onrender.com");
+		refreshTokenCookie.setAttribute("SameSite", "None");
+		refreshTokenCookie.setMaxAge(0);
+		return refreshTokenCookie;
+	}
 }
diff --git a/src/main/java/com/likelion/ai_teacher_a/global/auth/util/dto/CookieResponse.java b/src/main/java/com/likelion/ai_teacher_a/global/auth/util/dto/CookieResponse.java
@@ -0,0 +1,10 @@
+package com.likelion.ai_teacher_a.global.auth.util.dto;
+
+import jakarta.servlet.http.Cookie;
+import lombok.Builder;
+
+@Builder
+public record CookieResponse(
+	Cookie cookie
+) {
+}
