BARON-SSO 로그인 스테이징>실서버 교체

This commit is contained in:
2026-07-01 11:54:41 +09:00
parent 05b09ccc5a
commit b2e6e377ad
4 changed files with 10 additions and 6 deletions

2
.env
View File

@@ -3,7 +3,7 @@ DB_PORT=3306
DB_USER=itam
DB_PASS=itam1234
DB_NAME=itam
CLIENT_ID=836cd2e1-995a-4027-bcb5-5dd9c94c2b84
CLIENT_ID=c89acfda-789b-45fb-bab6-7ebfa4c6a9b4
ISSUER=https://sso.hmac.kr/oidc
REDIRECT_URI=http://172.16.9.44:8080/callback
JWKS_URI=http://172.16.9.44:8080/.well-known/jwks.json

View File

@@ -83,8 +83,8 @@ jobs:
LOG_LEVEL=${EFFECTIVE_LOG_LEVEL}
CLIENT_ID=${CLIENT_ID}
ISSUER=${ISSUER}
PROD_REDIRECT_URI=${PROD_REDIRECT_URI:-http://172.16.10.175:9090/callback}
PROD_JWKS_URI=${PROD_JWKS_URI:-http://172.16.10.175:9090/.well-known/jwks.json}
PROD_REDIRECT_URI=${PROD_REDIRECT_URI:-https://dachs.hmac.kr/callback}
PROD_JWKS_URI=${PROD_JWKS_URI:-https://dachs.hmac.kr/.well-known/jwks.json}
EOF
- name: Deploy to production host

View File

@@ -14,8 +14,8 @@ services:
NODE_ENV: production
PORT: 3000
KEYS_PATH: /app/uploads/keys.json
REDIRECT_URI: ${PROD_REDIRECT_URI:-http://172.16.10.175:9090/callback}
JWKS_URI: ${PROD_JWKS_URI:-http://172.16.10.175:9090/.well-known/jwks.json}
REDIRECT_URI: ${PROD_REDIRECT_URI:-https://dachs.hmac.kr/callback}
JWKS_URI: ${PROD_JWKS_URI:-https://dachs.hmac.kr/.well-known/jwks.json}
volumes:
- ./uploads:/app/uploads
- ./map_config.json:/app/map_config.json:ro

View File

@@ -21,6 +21,7 @@ const {
const SESSION_SECRET_VALUE = SESSION_SECRET || 'itam-headless-session-secret';
const DEFAULT_SCOPES = ['openid', 'profile', 'email'];
const DEFAULT_ERROR_PATH = ERROR_LOCALE_PATH || '/ko/error';
const USE_SECURE_COOKIES = Boolean(REDIRECT_URI && REDIRECT_URI.startsWith('https://'));
const dbConfig = {
host: process.env.DB_HOST,
@@ -38,6 +39,9 @@ const getDbConnectionSummary = () => ({
});
const app = express();
if (USE_SECURE_COOKIES) {
app.set('trust proxy', 1);
}
app.use(cors());
app.use(express.json({ limit: '50mb' }));
app.use(session({
@@ -47,7 +51,7 @@ app.use(session({
cookie: {
httpOnly: true,
sameSite: 'lax',
secure: false,
secure: USE_SECURE_COOKIES,
maxAge: 1000 * 60 * 60 * 8
}
}));