dh_demo

DreamHanks demo project
git clone git://git.lair.cx/dh_demo

commit 039c3b06106271da8d84bd8b3723ba1987fd7d65
parent 26927ebc0dc5525f9566e20fdd3fc29203ba2e7a
Author: Yongbin Kim <iam@yongbin.kim>
Date:   Thu, 19 Jan 2023 12:09:48 +0900

fix: 토큰 유효시간 이상하게 적용되던 문제 수정

Signed-off-by: Yongbin Kim <iam@yongbin.kim>

Diffstat:
Mcomponents/contexts/TokenContext.tsx | 2+-
Mlib/security/token.ts | 4++--
Mpages/api/auth/token.ts | 6+++---
3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/components/contexts/TokenContext.tsx b/components/contexts/TokenContext.tsx
@@ -1,6 +1,6 @@
 import { getAccessTokenCookieName } from '@/lib/env'
 import { decode, JwtPayload } from 'jsonwebtoken'
-import { createContext, ReactNode, useCallback, useContext, useEffect, useRef, useState } from 'react'
+import { createContext, ReactNode, useCallback, useContext, useEffect, useState } from 'react'
 const regexCookie = /^([^=]*)=([^;]*)(?:;\s*|$)/
diff --git a/lib/security/token.ts b/lib/security/token.ts
@@ -2,8 +2,8 @@ import { sign, verify, decode } from 'jsonwebtoken'
 import { nanoid } from 'nanoid'
 const TOKEN_ALGORITHM = 'HS256'
-export const TOKEN_EXPIRES_IN = 5 * 60 * 1000 // 5분
-export const REFRESH_TOKEN_EXPIRES_IN = 30 * 24 * 60 * 60 * 1000 // 30일
+export const TOKEN_EXPIRES_IN = 5 * 60 // 5분
+export const REFRESH_TOKEN_EXPIRES_IN = 30 * 24 * 60 * 60 // 30일
 export function getTokenSecret () {
 return process.env.TOKEN_SECRET ?? 'dangerously_insecure_s3cr3t'
diff --git a/pages/api/auth/token.ts b/pages/api/auth/token.ts
@@ -56,11 +56,11 @@ export function signAndSendToken (
 const [accessToken, refreshToken, tokenId] = signToken(uid)
 res.setHeader('Set-Cookie', [
- `${getAccessTokenCookieName()}=${accessToken}; Path=/; SameSite=Strict; Max-Age=${TOKEN_EXPIRES_IN / 1000}`,
- `${getRefreshTokenCookieName()}=${refreshToken}; HttpOnly; Path=/; SameSite=Strict; Max-Age=${REFRESH_TOKEN_EXPIRES_IN / 1000}`,
+ `${getAccessTokenCookieName()}=${accessToken}; Path=/; SameSite=Strict; Max-Age=${TOKEN_EXPIRES_IN}`,
+ `${getRefreshTokenCookieName()}=${refreshToken}; HttpOnly; Path=/; SameSite=Strict; Max-Age=${REFRESH_TOKEN_EXPIRES_IN}`,
 ])
 res.status(200).json({
- expires: Date.now() + TOKEN_EXPIRES_IN,
+ expires: Date.now() + TOKEN_EXPIRES_IN * 1000,
 })
 }
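Review bot: In lib/security/token.ts, `getTokenSecret()` (context at the end of this hunk) still falls back to the literal `'dangerously_insecure_s3cr3t'` when `TOKEN_SECRET` is unset, so a deployment that misses the variable signs its HS256 tokens with a key that is published in the repository. Failing closed is safer: `const secret = process.env.TOKEN_SECRET`, then `if (!secret) throw new Error('TOKEN_SECRET is not set')`, then `return secret`. The function body continues past the end of the hunk, so confirm nothing else there depends on the fallback. Since this commit fixes a milliseconds/seconds mix-up, the two constants would also benefit from stating the unit, for example `// 5분 (seconds)`.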
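Review bot: In pages/api/auth/token.ts, both `Set-Cookie` strings in `signAndSendToken` omit the `Secure` attribute, so the browser would also send the access and refresh tokens over plain HTTP if the site is ever reached that way. Appending it to each cookie closes that gap, for example `...; HttpOnly; Path=/; SameSite=Strict; Secure; Max-Age=${REFRESH_TOKEN_EXPIRES_IN}`. The access-token cookie also has no `HttpOnly`; this looks deliberate, since components/contexts/TokenContext.tsx appears to read it client-side, but it leaves the token readable by any script on the page, so a comment recording that trade-off next to the cookie would help. The function starts before the hunk, so how `uid` is validated is not visible here.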