feat: 리프레시 토큰을 바디로 보냅니다.

sgdevcamp2025 · Mar 3, 2025 · dead91b · dead91b
1 parent 11c5741
commit dead91b
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 25 deletions.
diff --git a/src/backend/auth-server/src/controllers/auth/index.ts b/src/backend/auth-server/src/controllers/auth/index.ts
@@ -23,16 +23,9 @@ function authController() {
         return;
       }
 
-      res.setCookie('refresh_token', values.refreshToken, {
-        sameSite: true,
-        httpOnly: true,
-        secure: true,
-        path: '/',
-        expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7),
-      });
-
       const result = {
         accessToken: values.accessToken,
+        refreshToken: values.refreshToken,
       };
 
       await redis.set(REDIS_KEY.refreshToken(values.id), values.refreshToken);
@@ -167,20 +160,13 @@ function authController() {
 
       const result = await authService.refresh(refreshToken, redisRefreshToken);
 
-      res.setCookie('refresh_token', result.refreshToken, {
-        sameSite: 'lax',
-        httpOnly: true,
-        secure: false,
-        path: '/',
-        expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7),
-      });
-
       await redis.set(REDIS_KEY.refreshToken(id), result.refreshToken);
 
       handleSuccess(res, {
         ...SUCCESS_MESSAGE.refreshToken,
         result: {
           accessToken: result.accessToken,
+          refreshToken: result.refreshToken,
         },
       });
     } catch (error) {
@@ -205,17 +191,14 @@ function authController() {
         return;
       }
 
-      const result = await authService.refresh(refreshToken, redisRefreshToken);
+      const values = await authService.refresh(refreshToken, redisRefreshToken);
 
-      res.setCookie('refresh_token', result.refreshToken, {
-        sameSite: 'lax',
-        httpOnly: true,
-        secure: false,
-        path: '/',
-        expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7),
-      });
+      const result = {
+        accessToken: values.accessToken,
+        refreshToken: values.refreshToken,
+      };
 
-      await redis.set(REDIS_KEY.refreshToken(id), result.refreshToken);
+      await redis.set(REDIS_KEY.refreshToken(id), values.refreshToken);
 
       handleSuccess(res, {
         ...SUCCESS_MESSAGE.refreshToken,

diff --git a/src/backend/auth-server/src/schema/authSchema.ts b/src/backend/auth-server/src/schema/authSchema.ts
@@ -14,6 +14,7 @@ const signInSchema = {
       message: z.string().default('Login Ok!'),
       result: z.object({
         accessToken: z.string(),
+        refreshToken: z.string(),
       }),
     }),
     400: commonResponseSchemaOmitResult,
@@ -88,6 +89,7 @@ const refreshTokenSchema = {
       message: z.string().default('refresh success'),
       result: z.object({
         accessToken: z.string(),
+        refreshToken: z.string(),
       }),
     }),
     400: commonResponseSchemaOmitResult,