chore: change the cors allowCredentials false

lotteon2 · Jan 18, 2024 · 63d3aca · 63d3aca
1 parent c2c8bda
commit 63d3aca
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/src/main/java/com/bit/lot/flower/auth/common/config/WebConfig.java b/src/main/java/com/bit/lot/flower/auth/common/config/WebConfig.java
@@ -50,7 +50,7 @@ public void addCorsMappings(CorsRegistry registry) {
         .allowedMethods("*")
         .allowedHeaders("*")
         .exposedHeaders("*")
-        .allowCredentials(true);
+        .allowCredentials(false);
 
   }
 

diff --git a/...main/java/com/bit/lot/flower/auth/common/security/SystemAuthenticationSuccessHandler.java b/...main/java/com/bit/lot/flower/auth/common/security/SystemAuthenticationSuccessHandler.java
@@ -46,7 +46,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 
   @Override
   public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
-      Authentication authentication) {
+      Authentication authentication)  {
     String token = tokenHandler.createToken(getIdFromPrincipal(authentication),
         createClaimsRoleMap(), response);
     response.setHeader("Authorization","Bearer "+token );