[Feat] 토큰 관리 로직 변경 #37
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- 의존성 변경
- CookieProvider 파일로 쿠키 생성, 토큰 쿠키 생성 메서드 제작 - 기존의 Bearer로 JWT를 관리하는 로직을 전부 쿠키 로직으로 변경 - Cookie class를 사용해 쿠키로부터 토큰 추출 메서드 제작 - SuccessDto 헤더에 쿠키를 주입할 수 있도록 변경 - 토큰 재발급 API에서 refreshToken없이 accessToken만 재발급 후 전달 - 로그아웃 시 빈 쿠키를 전달하도록 작성 (쿠키는 httpOnly 옵션을 가지고 있으므로 백에서만 접근가능)
- Home에 접근 시 쿠키의 유효성 검사를 위해 만든 api - 단순히 cookie만 확인한 뒤 응답값을 전달
- AccessToken : 10분 -> 1시간 - RefreshToken : 2시간 -> 1일(24시간) - AccessToken Cookie : 1시간 반 (토큰 재발급 때문에 30분 추가하여 설정) - RefreshToken Cookie : 1일(24시간)
- Cookie의 만료시간 설정에 따라 토큰 없이 요청이 들어올 수 있으므로 ACCESS_TOKEN_NOT_FOUND 설정 - 에러코드의 순서 변경
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
API Docs
✴️ request
✅ response
Comment