commit 039c3b06106271da8d84bd8b3723ba1987fd7d65
parent 26927ebc0dc5525f9566e20fdd3fc29203ba2e7a
Author: Yongbin Kim <iam@yongbin.kim>
Date: Thu, 19 Jan 2023 12:09:48 +0900
fix: 토큰 유효시간 이상하게 적용되던 문제 수정
Signed-off-by: Yongbin Kim <iam@yongbin.kim>
Diffstat:
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/components/contexts/TokenContext.tsx b/components/contexts/TokenContext.tsx
@@ -1,6 +1,6 @@
import { getAccessTokenCookieName } from '@/lib/env'
import { decode, JwtPayload } from 'jsonwebtoken'
-import { createContext, ReactNode, useCallback, useContext, useEffect, useRef, useState } from 'react'
+import { createContext, ReactNode, useCallback, useContext, useEffect, useState } from 'react'
const regexCookie = /^([^=]*)=([^;]*)(?:;\s*|$)/
diff --git a/lib/security/token.ts b/lib/security/token.ts
@@ -2,8 +2,8 @@ import { sign, verify, decode } from 'jsonwebtoken'
import { nanoid } from 'nanoid'
const TOKEN_ALGORITHM = 'HS256'
-export const TOKEN_EXPIRES_IN = 5 * 60 * 1000 // 5분
-export const REFRESH_TOKEN_EXPIRES_IN = 30 * 24 * 60 * 60 * 1000 // 30일
+export const TOKEN_EXPIRES_IN = 5 * 60 // 5분
+export const REFRESH_TOKEN_EXPIRES_IN = 30 * 24 * 60 * 60 // 30일
export function getTokenSecret () {
return process.env.TOKEN_SECRET ?? 'dangerously_insecure_s3cr3t'
diff --git a/pages/api/auth/token.ts b/pages/api/auth/token.ts
@@ -56,11 +56,11 @@ export function signAndSendToken (
const [accessToken, refreshToken, tokenId] = signToken(uid)
res.setHeader('Set-Cookie', [
- `${getAccessTokenCookieName()}=${accessToken}; Path=/; SameSite=Strict; Max-Age=${TOKEN_EXPIRES_IN / 1000}`,
- `${getRefreshTokenCookieName()}=${refreshToken}; HttpOnly; Path=/; SameSite=Strict; Max-Age=${REFRESH_TOKEN_EXPIRES_IN / 1000}`,
+ `${getAccessTokenCookieName()}=${accessToken}; Path=/; SameSite=Strict; Max-Age=${TOKEN_EXPIRES_IN}`,
+ `${getRefreshTokenCookieName()}=${refreshToken}; HttpOnly; Path=/; SameSite=Strict; Max-Age=${REFRESH_TOKEN_EXPIRES_IN}`,
])
res.status(200).json({
- expires: Date.now() + TOKEN_EXPIRES_IN,
+ expires: Date.now() + TOKEN_EXPIRES_IN * 1000,
})
}