🐛 토큰 에러 수정

Murakano · Jun 29, 2024 · aecb42d · aecb42d
1 parent bcf6efb
commit aecb42d
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 42 deletions.
diff --git a/src/common/passport/jwtStrategy.js b/src/common/passport/jwtStrategy.js
@@ -12,7 +12,8 @@ module.exports = () => {
     passport.use(
         new JwtStrategy(opts, async (jwtPayload, done) => {
             try {
-                const user = await User.findById(jwtPayload.id);
+                console.log(jwtPayload);
+                const user = await User.findById(jwtPayload.userId);
                 if (user) {
                     return done(null, user);
                 } else {

diff --git a/src/common/utils/auth.js b/src/common/utils/auth.js
@@ -48,7 +48,6 @@ exports.isLoggedIn = async (req, res, next) => {
     } catch (error) {
         res.status(error.status).json({
             message: error.message,
-            ...(error.expiredAt && { expiredAt: error.expiredAt }),
         });
     }
 };
@@ -59,6 +58,7 @@ exports.isNotLoggedIn = async (req, res, next) => {
         await authenticateJWT(req, res);
         res.status(403).json({ message: '이미 로그인된 상태입니다.' });
     } catch (error) {
+        // NOTE : 인증되지 않은 사용자인 경우 통과
         if (error.status === 401) {
             next();
         } else {

diff --git a/src/routes/user/user.controller.js b/src/routes/user/user.controller.js
@@ -101,19 +101,8 @@ exports.localLogin = async (req, res, next) => {
             const accessToken = generateAccessToken(user);
             const refreshToken = generateRefreshToken(user);
 
-            // production 환경에서는 secure 필요 혹은 LAX로 변경, 쿠키와 토큰 주기 변경
-            res.cookie('accessToken', accessToken, {
-                httpOnly: false,
-                maxAge: 10 * 60 * 1000,
-                sameSite: 'None',
-                secure: true,
-            });
-            res.cookie('refreshToken', refreshToken, {
-                httpOnly: true,
-                maxAge: 24 * 60 * 60 * 1000,
-                sameSite: 'None',
-                secure: true,
-            });
+            res.cookie('accessToken', accessToken, config.cookieInAccessTokenOptions);
+            res.cookie('refreshToken', refreshToken, config.cookieInRefreshTokenOptions);
 
             return sendResponse.ok(res, {
                 message: SucesssMessage.LOGIN_SUCCESSS,
@@ -142,18 +131,8 @@ exports.kakaoLogin = async (req, res) => {
 
         const accessToken = generateAccessToken(user);
         const refreshToken = generateRefreshToken(user);
-        res.cookie('accessToken', accessToken, {
-            httpOnly: false,
-            maxAge: 10 * 60 * 1000,
-            sameSite: 'None',
-            secure: true,
-        });
-        res.cookie('refreshToken', refreshToken, {
-            httpOnly: true,
-            maxAge: 24 * 60 * 60 * 1000,
-            sameSite: 'None',
-            secure: true,
-        });
+        res.cookie('accessToken', accessToken, config.cookieInAccessTokenOptions);
+        res.cookie('refreshToken', refreshToken, config.cookieInRefreshTokenOptions);
 
         sendResponse.ok(res, {
             message: SucesssMessage.LOGIN_SUCCESSS,
@@ -174,23 +153,16 @@ exports.refreshToken = async (req, res) => {
     }
 
     jwt.verify(refreshToken, config.jwtRefreshSecret, (err, user) => {
-        if (err) return res.sendStatus(403);
+        if (err)
+            return sendResponse.forbidden(res, {
+                message: ErrorMessage.REFRESH_TOKEN_ERROR,
+            });
 
         const newAccessToken = generateAccessToken({ _id: user.userId, nickname: user.nickname, email: user.email });
         const newRefreshToken = generateRefreshToken({ _id: user.userId, nickname: user.nickname, email: user.email });
 
-        res.cookie('accessToken', newAccessToken, {
-            httpOnly: false,
-            maxAge: 10 * 60 * 1000,
-            sameSite: 'None',
-            secure: true,
-        });
-        res.cookie('refreshToken', newRefreshToken, {
-            httpOnly: true,
-            maxAge: 24 * 60 * 60 * 1000,
-            sameSite: 'None',
-            secure: true,
-        });
+        res.cookie('accessToken', newAccessToken, config.cookieInAccessTokenOptions);
+        res.cookie('refreshToken', newRefreshToken, config.cookieInRefreshTokenOptions);
 
         sendResponse.ok(res, {
             message: SucesssMessage.REFRESH_TOKEN,
@@ -210,6 +182,7 @@ exports.getProfile = (req, res) => {
 };
 
 exports.logout = (_, res) => {
+    res.cookie('accessToken', '', { httpOnly: true, maxAge: 0 });
     res.cookie('refreshToken', '', { httpOnly: true, maxAge: 0 });
     return sendResponse.ok(res, {
         message: SucesssMessage.LOGOUT_SUCCESS,

diff --git a/src/routes/user/user.route.js b/src/routes/user/user.route.js
@@ -20,8 +20,8 @@ userRouter.get('/check/email', isEmailExist);
 // 로그인
 userRouter.post('/local/login', isNotLoggedIn, localLogin);
 userRouter.post('/kakao/login', isNotLoggedIn, kakaoLogin);
-userRouter.post('/refresh', isNotLoggedIn, refreshToken);
-userRouter.post('/logout', isNotLoggedIn, logout);
+userRouter.post('/refresh', refreshToken);
+userRouter.post('/logout', logout);
 
 userRouter.get('/profile', isLoggedIn, getProfile);