Skip to content

Commit 45e8485

Browse files
committed
fix: 인증 헤더 예외 메시지 표준화 및 보안 강화
1 parent f462fdf commit 45e8485

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

src/main/java/com/ururulab/ururu/global/exception/GlobalExceptionHandler.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -138,7 +138,7 @@ public ResponseEntity<ApiResponseFormat<Void>> handleInvalidRefreshToken(
138138
log.warn("Invalid refresh token: {}", exception.getMessage());
139139
return ResponseEntity
140140
.status(HttpStatus.UNAUTHORIZED)
141-
.body(ApiResponseFormat.fail("토큰 갱신 실패: " + exception.getMessage()));
141+
.body(ApiResponseFormat.fail("유효하지 않은 리프레시 토큰입니다."));
142142
}
143143

144144
@ExceptionHandler(MissingAuthorizationHeaderException.class)
@@ -147,7 +147,7 @@ public ResponseEntity<ApiResponseFormat<Void>> handleMissingAuthorizationHeader(
147147
log.warn("Missing authorization header: {}", exception.getMessage());
148148
return ResponseEntity
149149
.status(HttpStatus.BAD_REQUEST)
150-
.body(ApiResponseFormat.fail(exception.getMessage()));
150+
.body(ApiResponseFormat.fail("인증 헤더가 누락되었습니다."));
151151
}
152152

153153
@ExceptionHandler(RedisConnectionException.class)

0 commit comments

Comments
 (0)