From 0d51adb5d076a18d0bbcf80bf27562a8f57c785e Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 15:42:36 +0900 Subject: [PATCH 01/11] =?UTF-8?q?feat:=20cors=20=EC=84=A4=EC=A0=95?= =?UTF-8?q?=EC=9D=84=20=EC=B6=94=EA=B0=80=ED=95=A9=EB=8B=88=EB=8B=A4.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/main.ts | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/backend/auth-server/main.ts b/src/backend/auth-server/main.ts index 0f24a06a..61d060fe 100644 --- a/src/backend/auth-server/main.ts +++ b/src/backend/auth-server/main.ts @@ -137,6 +137,14 @@ app.register(fastifySwaggerUi, { app.register(currentAuthPlugin); app.register(routes); +app.register(cors, { + origin: ['http://localhost:5173', 'https://bbebig.netlify.app'], + credentials: true, + methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], + allowedHeaders: ['Content-Type', 'Authorization'], + exposedHeaders: ['set-cookie'], +}); + app .register(fastifyRedis, { client: redis, From 5a7d59bd898849b346f07e24dc0bfc3c795d5467 Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 14:41:13 +0900 Subject: [PATCH 02/11] =?UTF-8?q?feat:=20=EB=A6=AC=ED=94=84=EB=A0=88?= =?UTF-8?q?=EC=8B=9C=20=ED=86=A0=ED=81=B0=EC=9D=84=20=EB=B0=94=EB=94=94?= =?UTF-8?q?=EB=A1=9C=20=EB=B3=B4=EB=83=85=EB=8B=88=EB=8B=A4.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth-server/src/controllers/auth/index.ts | 61 +++---------------- .../auth-server/src/routes/auth/index.ts | 8 --- .../auth-server/src/schema/authSchema.ts | 21 +------ 3 files changed, 9 insertions(+), 81 deletions(-) diff --git a/src/backend/auth-server/src/controllers/auth/index.ts b/src/backend/auth-server/src/controllers/auth/index.ts index 9cb461f1..b7b6e33e 100644 --- a/src/backend/auth-server/src/controllers/auth/index.ts +++ b/src/backend/auth-server/src/controllers/auth/index.ts 
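Review bot: In PATCH 01/11 (`main.ts`), the new `app.register(cors, …)` call hard-codes `http://localhost:5173` into an allowlist that also sets `credentials: true`, so a production build would accept credentialed cross-origin requests from whatever is served on that local port. The list should come from configuration, e.g. `origin: ALLOWED_ORIGINS` (a constructed name), with the localhost entry present only in development. `exposedHeaders: ['set-cookie']` has no effect, because browsers never expose `Set-Cookie` to scripts, and can be dropped. The plugin is also registered after `app.register(routes)`; confirm that its hooks still apply to the routes declared in that earlier plugin, or move the registration above it.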
@@ -23,16 +23,9 @@ function authController() { return; } - res.setCookie('refresh_token', values.refreshToken, { - sameSite: true, - httpOnly: true, - secure: true, - path: '/', - expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7), - }); - const result = { accessToken: values.accessToken, + refreshToken: values.refreshToken, }; await redis.set(REDIS_KEY.refreshToken(values.id), values.refreshToken); @@ -67,33 +60,6 @@ function authController() { } }; - const mobileLogin = async (req: FastifyRequest, res: FastifyReply) => { - const { email, password } = req.body as { email: string; password: string }; - - const values = await authService.loginWithPassword(email, password); - - if (!values) { - handleError(res, ERROR_MESSAGE.notFound); - return; - } - - const result = { - accessToken: values.accessToken, - refreshToken: values.refreshToken, - }; - - await redis.set(REDIS_KEY.refreshToken(values.id), values.refreshToken); - - handleSuccess( - res, - { - ...SUCCESS_MESSAGE.loginOk, - result, - }, - 200, - ); - }; - const register = async ( req: FastifyRequest<{ Body: { email: string; password: string; name: string; nickname: string; birthdate: string }; @@ -167,20 +133,13 @@ function authController() { const result = await authService.refresh(refreshToken, redisRefreshToken); - res.setCookie('refresh_token', result.refreshToken, { - sameSite: 'lax', - httpOnly: true, - secure: false, - path: '/', - expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7), - }); - await redis.set(REDIS_KEY.refreshToken(id), result.refreshToken); handleSuccess(res, { ...SUCCESS_MESSAGE.refreshToken, result: { accessToken: result.accessToken, + refreshToken: result.refreshToken, }, }); } catch (error) { 
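Review bot: In PATCH 02/11 (`controllers/auth/index.ts`), the login hunk returns `refreshToken` in the JSON body instead of the `httpOnly` cookie, which makes the long-lived token readable by any script running in the page and by anything that stores or logs response bodies. The same applies to the `refresh` hunk at `-167,20 +133,13` and the `refreshMobile` hunk at `-205,17 +164,14`. If the body transport is required, these responses should at least carry `res.header('Cache-Control', 'no-store');` before `handleSuccess`. The removed cookie expired after seven days, while the context line `redis.set(REDIS_KEY.refreshToken(values.id), values.refreshToken)` shows no expiry, so the stored token appears to have no server-side lifetime unless one is enforced elsewhere. The login handler starts above this hunk.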
@@ -205,17 +164,14 @@ function authController() { return; } - const result = await authService.refresh(refreshToken, redisRefreshToken); + const values = await authService.refresh(refreshToken, redisRefreshToken); - res.setCookie('refresh_token', result.refreshToken, { - sameSite: 'lax', - httpOnly: true, - secure: false, - path: '/', - expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7), - }); + const result = { + accessToken: values.accessToken, + refreshToken: values.refreshToken, + }; - await redis.set(REDIS_KEY.refreshToken(id), result.refreshToken); + await redis.set(REDIS_KEY.refreshToken(id), values.refreshToken); handleSuccess(res, { ...SUCCESS_MESSAGE.refreshToken, @@ -272,7 +228,6 @@ function authController() { refresh, verifyToken, healthCheck, - mobileLogin, refreshMobile, loginStatusCheck, }; diff --git a/src/backend/auth-server/src/routes/auth/index.ts b/src/backend/auth-server/src/routes/auth/index.ts index c385703a..b23c8d17 100644 --- a/src/backend/auth-server/src/routes/auth/index.ts +++ b/src/backend/auth-server/src/routes/auth/index.ts @@ -3,7 +3,6 @@ import { ZodTypeProvider } from 'fastify-type-provider-zod'; import { healthCheckSchema, logoutSchema, - mobileSignInSchema, refreshTokenMobileSchema, refreshTokenSchema, registerSchema, @@ -29,13 +28,6 @@ const authRoute = async (app: FastifyInstance) => { handler: authController.login, }); - app.withTypeProvider().route({ - method: 'POST', - url: '/mobile-login', - schema: mobileSignInSchema, - handler: authController.mobileLogin, - }); - app.withTypeProvider().route({ method: 'POST', url: '/register', diff --git a/src/backend/auth-server/src/schema/authSchema.ts b/src/backend/auth-server/src/schema/authSchema.ts index ed3ae8cc..75529945 100644 --- a/src/backend/auth-server/src/schema/authSchema.ts +++ b/src/backend/auth-server/src/schema/authSchema.ts 
@@ -8,25 +8,6 @@ const signInSchema = { email: z.string().email(), password: z.string(), }), - response: { - 200: z.object({ - code: z.string().default('AUTH100'), - message: z.string().default('Login Ok!'), - result: z.object({ - accessToken: z.string(), - }), - }), - 400: commonResponseSchemaOmitResult, - }, -}; - -const mobileSignInSchema = { - tags: ['auth'], - description: '모바일 로그인 합니다.', - body: z.object({ - email: z.string().email(), - password: z.string(), - }), response: { 200: z.object({ code: z.string().default('AUTH100'), @@ -88,6 +69,7 @@ const refreshTokenSchema = { message: z.string().default('refresh success'), result: z.object({ accessToken: z.string(), + refreshToken: z.string(), }), }), 400: commonResponseSchemaOmitResult, @@ -211,7 +193,6 @@ export { verifyTokenSchema, registerSchema, signInSchema, - mobileSignInSchema, verifyEmailSchema, tokenDecodeSchema, healthCheckSchema, From 1fdcce228fde60eb31e6f4cc2eb809b57e0e8044 Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 15:51:59 +0900 Subject: [PATCH 03/11] =?UTF-8?q?feat:=20=EB=AA=A8=EB=93=A0=20domain?= =?UTF-8?q?=EB=82=B4=20=ED=98=B8=EC=B6=9C=20=ED=97=88=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/main.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/backend/auth-server/main.ts b/src/backend/auth-server/main.ts index 61d060fe..2f9c465b 100644 --- a/src/backend/auth-server/main.ts +++ b/src/backend/auth-server/main.ts @@ -138,11 +138,10 @@ app.register(currentAuthPlugin); app.register(routes); app.register(cors, { - origin: ['http://localhost:5173', 'https://bbebig.netlify.app'], + origin: '*', credentials: true, methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], allowedHeaders: ['Content-Type', 'Authorization'], - exposedHeaders: ['set-cookie'], }); app From 3329871a5c424f9056f6ffda143ee737ec49feb8 Mon Sep 17 00:00:00 2001 
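Review bot: In PATCH 03/11 (`main.ts`), `origin: '*'` is combined with `credentials: true`, a pairing browsers refuse: any request sent with credentials (`credentials: 'include'`, cookies) is blocked when the allowed origin is the wildcard, so this does not make the API callable from every domain. The usual workaround of echoing the request origin would make the auth server trust every site with credentials, so the explicit allowlist should stay, e.g. `origin: ['https://bbebig.netlify.app']` plus a development-only entry. If wildcard access is really intended for public endpoints, pair it with `credentials: false`.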
From: Zero-1016 Date: Mon, 3 Mar 2025 15:58:47 +0900 Subject: [PATCH 04/11] =?UTF-8?q?feat:=20cookie=20=EC=84=A4=EC=A0=95?= =?UTF-8?q?=EC=9D=84=20=EC=B6=94=EA=B0=80=ED=95=A9=EB=8B=88=EB=8B=A4.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/main.ts | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/src/backend/auth-server/main.ts b/src/backend/auth-server/main.ts index 2f9c465b..6485f504 100644 --- a/src/backend/auth-server/main.ts +++ b/src/backend/auth-server/main.ts @@ -138,10 +138,13 @@ app.register(currentAuthPlugin); app.register(routes); app.register(cors, { - origin: '*', + origin: ['http://localhost:5173', 'https://bbebig.netlify.app'], credentials: true, methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], - allowedHeaders: ['Content-Type', 'Authorization'], + allowedHeaders: ['Content-Type', 'Authorization', 'Origin', 'Accept'], + exposedHeaders: ['Set-Cookie'], + preflightContinue: true, + optionsSuccessStatus: 204, }); app @@ -158,8 +161,20 @@ app app.register(fastifyCookie, { secret: SECRET_KEY, + hook: 'onRequest', + parseOptions: { + secure: true, + httpOnly: true, + sameSite: 'none', + path: '/', + }, } as FastifyCookieOptions); +app.addHook('onRequest', async (request, reply) => { + reply.header('Access-Control-Allow-Credentials', 'true'); + reply.header('Access-Control-Allow-Origin', request.headers.origin || ''); +}); + app.setErrorHandler((err, req, reply) => { if (hasZodFastifySchemaValidationErrors(err)) { return handleError( From c31d641889b69b01baf5b2638e30c794369e9df5 Mon Sep 17 00:00:00 2001 
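Review bot: In PATCH 04/11 (`main.ts`), the added `onRequest` hook copies `request.headers.origin` into `Access-Control-Allow-Origin` and always sends `Access-Control-Allow-Credentials: true`, which in effect replaces the two-entry allowlist passed to `cors` a few lines above and lets any site read credentialed responses. Together with the new cookie default `sameSite: 'none'`, this removes the browser-side protection for cookie-authenticated endpoints. The hook should be deleted so the plugin's allowlist is the only source of these headers, or it should check the origin first: `if (origin && ALLOWED_ORIGINS.includes(origin)) reply.header('Access-Control-Allow-Origin', origin);` (`ALLOWED_ORIGINS` is a constructed name for the same list). Any handler that reflects an origin also needs `reply.header('Vary', 'Origin');` so shared caches do not serve one origin's response to another.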
From: Zero-1016 Date: Mon, 3 Mar 2025 16:04:21 +0900 Subject: [PATCH 05/11] =?UTF-8?q?fix:=20allow=20origin=20=EC=A4=91?= =?UTF-8?q?=EB=B3=B5=20=EC=84=A4=EC=A0=95=EC=9D=84=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/main.ts | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/backend/auth-server/main.ts b/src/backend/auth-server/main.ts index 6485f504..96a001b7 100644 --- a/src/backend/auth-server/main.ts +++ b/src/backend/auth-server/main.ts @@ -144,7 +144,6 @@ app.register(cors, { allowedHeaders: ['Content-Type', 'Authorization', 'Origin', 'Accept'], exposedHeaders: ['Set-Cookie'], preflightContinue: true, - optionsSuccessStatus: 204, }); app @@ -170,11 +169,6 @@ app.register(fastifyCookie, { }, } as FastifyCookieOptions); -app.addHook('onRequest', async (request, reply) => { - reply.header('Access-Control-Allow-Credentials', 'true'); - reply.header('Access-Control-Allow-Origin', request.headers.origin || ''); -}); - app.setErrorHandler((err, req, reply) => { if (hasZodFastifySchemaValidationErrors(err)) { return handleError( From fb364dcabdcab28af1ad9f0c3ed3fc7a5a63bc68 Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 16:08:43 +0900 Subject: [PATCH 06/11] =?UTF-8?q?feat:=20cors=20=EA=B4=80=EB=A0=A8=20?= =?UTF-8?q?=EC=84=A4=EC=A0=95=EC=9D=84=20=EC=A0=9C=EA=B1=B0=ED=95=A9?= =?UTF-8?q?=EB=8B=88=EB=8B=A4.=20=EA=B2=8C=EC=9D=B4=ED=8A=B8=EC=9B=A8?= =?UTF-8?q?=EC=9D=B4=EB=A7=8C=20=EC=9D=B4=EC=9A=A9=ED=95=A9=EB=8B=88?= =?UTF-8?q?=EB=8B=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/main.ts | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/backend/auth-server/main.ts b/src/backend/auth-server/main.ts index 96a001b7..12ee69e2 100644 --- a/src/backend/auth-server/main.ts +++ b/src/backend/auth-server/main.ts 
@@ -138,12 +138,8 @@ app.register(currentAuthPlugin); app.register(routes); app.register(cors, { - origin: ['http://localhost:5173', 'https://bbebig.netlify.app'], + origin: false, credentials: true, - methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], - allowedHeaders: ['Content-Type', 'Authorization', 'Origin', 'Accept'], - exposedHeaders: ['Set-Cookie'], - preflightContinue: true, }); app From b5f6751a36c123f9f39728eaaabafda1b6aeb41f Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 16:23:21 +0900 Subject: [PATCH 07/11] =?UTF-8?q?fix:=20refresh-token=EC=9D=98=20=EA=B2=BD?= =?UTF-8?q?=EC=9A=B0=20header=EB=A1=9C=20=EC=A0=84=EB=8B=AC=ED=95=A9?= =?UTF-8?q?=EB=8B=88=EB=8B=A4.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/main.ts | 1 + .../auth-server/src/controllers/auth/index.ts | 47 ++----------------- .../auth-server/src/routes/auth/index.ts | 8 ---- .../auth-server/src/schema/authSchema.ts | 29 +++--------- 4 files changed, 10 insertions(+), 75 deletions(-) diff --git a/src/backend/auth-server/main.ts b/src/backend/auth-server/main.ts index 12ee69e2..8cc5d839 100644 --- a/src/backend/auth-server/main.ts +++ b/src/backend/auth-server/main.ts @@ -140,6 +140,7 @@ app.register(routes); app.register(cors, { origin: false, credentials: true, + allowedHeaders: ['Content-Type', 'Authorization', 'Refresh-Token'], }); app diff --git a/src/backend/auth-server/src/controllers/auth/index.ts b/src/backend/auth-server/src/controllers/auth/index.ts index b7b6e33e..2861b498 100644 --- a/src/backend/auth-server/src/controllers/auth/index.ts +++ b/src/backend/auth-server/src/controllers/auth/index.ts 
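Review bot: In PATCH 06/11 (`main.ts`), `origin: false` turns the CORS plugin off (per its documented behaviour), so the remaining `credentials: true` and the `allowedHeaders` list added by the PATCH 07/11 hunk at `-140,6 +140,7` emit nothing and only suggest a policy that is not in force. Either remove the `app.register(cors, …)` call or leave a comment such as `// CORS is enforced at the gateway; this server must not be reachable directly`. That comment also records the assumption the change relies on: if the auth server is ever exposed without the gateway, no origin policy applies here.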
@@ -94,7 +94,7 @@ function authController() { const logout = async (req: FastifyRequest, res: FastifyReply) => { const id = req.user?.id; - const refreshToken = req.cookies.refresh_token; + const refreshToken = req.headers['refresh-token'] as string; if (!id || !refreshToken) { handleError(res, ERROR_MESSAGE.unauthorized); @@ -103,11 +103,6 @@ function authController() { try { await redis.del(REDIS_KEY.refreshToken(id)); - - res.clearCookie('refresh_token', { - path: '/', - }); - handleSuccess(res, SUCCESS_MESSAGE.logoutOk, 205); } catch (error) { handleError(res, ERROR_MESSAGE.badRequest, error); @@ -116,7 +111,7 @@ function authController() { const refresh = async (req: FastifyRequest, res: FastifyReply) => { const id = req.user?.id; - const refreshToken = req.cookies.refresh_token; + const refreshToken = req.headers['refresh-token'] as string; if (!refreshToken || !id) { handleError(res, ERROR_MESSAGE.unauthorized); @@ -147,41 +142,6 @@ function authController() { } }; - const refreshMobile = async (req: FastifyRequest, res: FastifyReply) => { - const id = req.user?.id; - const refreshToken = req.cookies.refresh_token; - - if (!refreshToken || !id) { - handleError(res, ERROR_MESSAGE.unauthorized); - return; - } - - try { - const redisRefreshToken = await redis.get(REDIS_KEY.refreshToken(id)); - - if (!redisRefreshToken) { - handleError(res, ERROR_MESSAGE.unauthorized); - return; - } - - const values = await authService.refresh(refreshToken, redisRefreshToken); - - const result = { - accessToken: values.accessToken, - refreshToken: values.refreshToken, - }; - - await redis.set(REDIS_KEY.refreshToken(id), values.refreshToken); - - handleSuccess(res, { - ...SUCCESS_MESSAGE.refreshToken, - result, - }); - } catch (error) { - handleError(res, ERROR_MESSAGE.unauthorized, error); - } - }; - const verifyToken = async (req: FastifyRequest, res: FastifyReply) => { const accessToken = req.headers.authorization; if (!accessToken) { 
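Review bot: In PATCH 07/11 (`controllers/auth/index.ts`), `logout` now requires a `refresh-token` header but only tests that it is non-empty before `redis.del(REDIS_KEY.refreshToken(id))`, so the header is a required input that adds no check. Either drop it from `logout` or compare it with the stored value first: `const stored = await redis.get(REDIS_KEY.refreshToken(id));` then `if (stored !== refreshToken) { handleError(res, ERROR_MESSAGE.unauthorized); return; }`. The `as string` cast on `req.headers['refresh-token']`, here and in the `refresh` hunk at `-116,7 +111,7`, hides the `undefined` case from the type checker; reading the header uncast and guarding with `typeof refreshToken !== 'string'` keeps the types honest. A refresh token carried in a request header also tends to end up in proxy and gateway logs, so confirm that header redaction is configured there. Both handlers continue outside their hunks.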
@@ -211,7 +171,7 @@ function authController() { const loginStatusCheck = async (req: FastifyRequest, res: FastifyReply) => { const id = req.user?.id; - const refreshToken = req.cookies.refresh_token; + const refreshToken = req.headers['refresh-token'] as string; if (!id || !refreshToken) { handleSuccess(res, SUCCESS_MESSAGE.loginStatusDisabled, 200); @@ -228,7 +188,6 @@ function authController() { refresh, verifyToken, healthCheck, - refreshMobile, loginStatusCheck, }; } diff --git a/src/backend/auth-server/src/routes/auth/index.ts b/src/backend/auth-server/src/routes/auth/index.ts index b23c8d17..923371dd 100644 --- a/src/backend/auth-server/src/routes/auth/index.ts +++ b/src/backend/auth-server/src/routes/auth/index.ts @@ -3,7 +3,6 @@ import { ZodTypeProvider } from 'fastify-type-provider-zod'; import { healthCheckSchema, logoutSchema, - refreshTokenMobileSchema, refreshTokenSchema, registerSchema, signInSchema, @@ -51,13 +50,6 @@ const authRoute = async (app: FastifyInstance) => { handler: authController.refresh, }); - app.withTypeProvider().route({ - method: 'POST', - url: '/refresh-mobile', - schema: refreshTokenMobileSchema, - handler: authController.refreshMobile, - }); - app.withTypeProvider().route({ method: 'GET', url: '/verify-token', diff --git a/src/backend/auth-server/src/schema/authSchema.ts b/src/backend/auth-server/src/schema/authSchema.ts index 75529945..f503f572 100644 --- a/src/backend/auth-server/src/schema/authSchema.ts +++ b/src/backend/auth-server/src/schema/authSchema.ts 
@@ -62,28 +62,9 @@ const registerSchema = { const refreshTokenSchema = { tags: ['auth'], - security: [{ bearerAuth: [] }], - response: { - 201: z.object({ - code: z.string().default('AUTH102'), - message: z.string().default('refresh success'), - result: z.object({ - accessToken: z.string(), - refreshToken: z.string(), - }), - }), - 400: commonResponseSchemaOmitResult, - }, - description: ` - 리프레시 토큰은 쿠키('refresh_token')로 자동 처리됩니다. - Swagger UI에서 테스트하려면 브라우저 쿠키가 있어야 합니다. - 1. 먼저 로그인하여 쿠키 설정 - 2. 이 엔드포인트 호출하여 새 액세스 토큰 발급 -`, -}; - -const refreshTokenMobileSchema = { - tags: ['auth'], + headers: z.object({ + 'refresh-token': z.string(), + }), security: [{ bearerAuth: [] }], response: { 201: z.object({ @@ -107,6 +88,9 @@ const refreshTokenMobileSchema = { const logoutSchema = { tags: ['auth'], description: '로그아웃 합니다.', + headers: z.object({ + 'refresh-token': z.string(), + }), security: [{ bearerAuth: [] }], response: { 205: z.object({ @@ -189,7 +173,6 @@ const loginStatusCheckSchema = { export { logoutSchema, refreshTokenSchema, - refreshTokenMobileSchema, verifyTokenSchema, registerSchema, signInSchema, From 899189e4100e7c7a30485a80cdcb6bfffddfd9d9 Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 16:33:51 +0900 Subject: [PATCH 08/11] =?UTF-8?q?feat:=20status-check=20=EB=82=B4=EC=97=90?= =?UTF-8?q?=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=83=81=ED=83=9C=EA=B2=80?= =?UTF-8?q?=EC=82=AC=20=EB=A1=9C=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/src/controllers/auth/index.ts | 10 ++++++++-- src/backend/auth-server/src/routes/auth/index.ts | 1 + 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/backend/auth-server/src/controllers/auth/index.ts b/src/backend/auth-server/src/controllers/auth/index.ts index 2861b498..c6a535b2 100644 --- a/src/backend/auth-server/src/controllers/auth/index.ts +++ b/src/backend/auth-server/src/controllers/auth/index.ts 
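Review bot: In PATCH 07/11 (`schema/authSchema.ts`), the new `headers: z.object({ 'refresh-token': z.string() })` on `refreshTokenSchema` accepts an empty string, so validation passes requests that the controller must then reject by hand; the `logoutSchema` hunk at `-107,6 +88,9` has the same gap. Tightening both to `'refresh-token': z.string().min(1)` rejects them at the schema with a validation error. A one-line comment on the schema noting that this header carries a long-lived credential would help whoever configures logging in front of the service.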
@@ -1,5 +1,5 @@ import { FastifyRequest, FastifyReply } from 'fastify'; -import { generateHash } from '../../libs/authHelper'; +import { generateHash, shortVerifyRefreshToken } from '../../libs/authHelper'; import { ERROR_MESSAGE, REDIS_KEY } from '../../libs/constants'; import { SUCCESS_MESSAGE } from '../../libs/constants'; import { handleError } from '../../libs/errorHelper'; @@ -178,7 +178,13 @@ function authController() { return; } - handleSuccess(res, SUCCESS_MESSAGE.loginStatusOK, 200); + try { + shortVerifyRefreshToken(refreshToken); + handleSuccess(res, SUCCESS_MESSAGE.loginStatusOK, 200); + } catch (error) { + handleError(res, ERROR_MESSAGE.unauthorized, error); + return; + } }; return { diff --git a/src/backend/auth-server/src/routes/auth/index.ts b/src/backend/auth-server/src/routes/auth/index.ts index 923371dd..8a3880f1 100644 --- a/src/backend/auth-server/src/routes/auth/index.ts +++ b/src/backend/auth-server/src/routes/auth/index.ts @@ -16,6 +16,7 @@ const authRoute = async (app: FastifyInstance) => { app.withTypeProvider().route({ method: 'GET', url: '/status-check', + preHandler: [verifySignIn], schema: loginStatusCheckSchema, handler: authController.loginStatusCheck, }); From b97e554557ef21a73a04d3bd34ba428b879592e0 Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 16:40:24 +0900 Subject: [PATCH 09/11] =?UTF-8?q?fix:=20schema=EB=A5=BC=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=ED=95=A9=EB=8B=88=EB=8B=A4.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/src/controllers/auth/index.ts | 3 +-- src/backend/auth-server/src/schema/authSchema.ts | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/backend/auth-server/src/controllers/auth/index.ts b/src/backend/auth-server/src/controllers/auth/index.ts index c6a535b2..31863ea8 100644 --- a/src/backend/auth-server/src/controllers/auth/index.ts +++ b/src/backend/auth-server/src/controllers/auth/index.ts 
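Review bot: In PATCH 08/11 (`controllers/auth/index.ts`, hunk `-178,7 +178,13`), `loginStatusCheck` calls `shortVerifyRefreshToken(refreshToken)` and discards the result, so the status is `loginStatusOK` whenever the helper does not throw. The helper is not shown, so confirm that it throws on an invalid or expired token rather than returning a falsy value. The check also never consults Redis, so a token that `logout` has already removed would presumably still report a logged-in status; comparing against `await redis.get(REDIS_KEY.refreshToken(id))` before answering closes that gap. The function starts above this hunk.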
@@ -170,10 +170,9 @@ function authController() { }; const loginStatusCheck = async (req: FastifyRequest, res: FastifyReply) => { - const id = req.user?.id; const refreshToken = req.headers['refresh-token'] as string; - if (!id || !refreshToken) { + if (!refreshToken) { handleSuccess(res, SUCCESS_MESSAGE.loginStatusDisabled, 200); return; } diff --git a/src/backend/auth-server/src/schema/authSchema.ts b/src/backend/auth-server/src/schema/authSchema.ts index f503f572..440d1072 100644 --- a/src/backend/auth-server/src/schema/authSchema.ts +++ b/src/backend/auth-server/src/schema/authSchema.ts @@ -161,6 +161,7 @@ const healthCheckSchema = { const loginStatusCheckSchema = { tags: ['auth'], description: '로그인 상태를 확인 합니다.', + security: [{ bearerAuth: [] }], response: { 200: z.object({ code: z.string().default('AUTH109'), From 4b9f333e06d1548552343b346d0ea83bb1f91739 Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 16:46:05 +0900 Subject: [PATCH 10/11] =?UTF-8?q?fix:=20refresh-token=20null=20=EC=B2=B4?= =?UTF-8?q?=ED=81=AC=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/src/controllers/auth/index.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/backend/auth-server/src/controllers/auth/index.ts b/src/backend/auth-server/src/controllers/auth/index.ts index 31863ea8..7f7a474d 100644 --- a/src/backend/auth-server/src/controllers/auth/index.ts +++ b/src/backend/auth-server/src/controllers/auth/index.ts @@ -96,7 +96,7 @@ function authController() { const id = req.user?.id; const refreshToken = req.headers['refresh-token'] as string; - if (!id || !refreshToken) { + if (!id || !refreshToken || refreshToken === 'null' || refreshToken === '') { handleError(res, ERROR_MESSAGE.unauthorized); return; } 
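Review bot: In PATCH 10/11 (`controllers/auth/index.ts`), the added `refreshToken === 'null' || refreshToken === ''` in `logout` (and again in the `loginStatusCheck` hunk at `-172,7 +172,7`) special-cases one client serialisation bug: `=== ''` is already covered by `!refreshToken`, and the literal `'undefined'` would still pass. The presence test also does not make the value trustworthy, since nothing in the hunk compares it with the token stored under `REDIS_KEY.refreshToken(id)`. If the check stays, a comment such as `// some clients send the literal string "null" when no token is stored` would explain it; the cleaner fix is for the client to omit the header.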
@@ -172,7 +172,7 @@ function authController() { const loginStatusCheck = async (req: FastifyRequest, res: FastifyReply) => { const refreshToken = req.headers['refresh-token'] as string; - if (!refreshToken) { + if (!refreshToken || refreshToken === 'null' || refreshToken === '') { handleSuccess(res, SUCCESS_MESSAGE.loginStatusDisabled, 200); return; } @@ -181,7 +181,7 @@ function authController() { shortVerifyRefreshToken(refreshToken); handleSuccess(res, SUCCESS_MESSAGE.loginStatusOK, 200); } catch (error) { - handleError(res, ERROR_MESSAGE.unauthorized, error); + handleSuccess(res, SUCCESS_MESSAGE.loginStatusDisabled, 200); return; } }; From 6982fc5f5a4f2284cd9d816ac6dfbddb883a9959 Mon Sep 17 00:00:00 2001 From: Zero-1016 Date: Mon, 3 Mar 2025 16:50:32 +0900 Subject: [PATCH 11/11] =?UTF-8?q?refactor:=20schema=EB=A5=BC=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=ED=95=A9=EB=8B=88=EB=8B=A4.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/backend/auth-server/src/schema/authSchema.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/backend/auth-server/src/schema/authSchema.ts b/src/backend/auth-server/src/schema/authSchema.ts index 440d1072..0cb3a713 100644 --- a/src/backend/auth-server/src/schema/authSchema.ts +++ b/src/backend/auth-server/src/schema/authSchema.ts @@ -166,6 +166,9 @@ const loginStatusCheckSchema = { 200: z.object({ code: z.string().default('AUTH109'), message: z.string().default('login status check success!'), + result: z.object({ + status: z.boolean(), + }), }), 401: commonResponseSchema, },
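Review bot: In PATCH 10/11 (`controllers/auth/index.ts`, hunk `-181,7 +181,7`), the `catch` in `loginStatusCheck` now answers `loginStatusDisabled` and drops `error`, so a verification failure (expired, malformed or tampered token) leaves no trace for monitoring. Logging it keeps the 200 response while preserving the signal, e.g. `req.log.warn({ err: error }, 'refresh token verification failed');` before `handleSuccess`. The trailing `return;` is redundant at the end of the block.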
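Review bot: In PATCH 11/11 (`schema/authSchema.ts`), the 200 response of `loginStatusCheckSchema` now requires `result.status`, but the controller hunks in this series still pass `SUCCESS_MESSAGE.loginStatusOK` and `SUCCESS_MESSAGE.loginStatusDisabled` to `handleSuccess` unchanged, and those constants are not shown. If they do not already carry `result: { status: … }`, response validation would presumably fail on every status check. Confirm the constants, or update them in the same commit and add a comment on the schema stating which constant maps to `status: true` and which to `status: false`.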