fix: access_token expire time in cookie and jwt

winverse · winverse · commit 49d53427ef22 · 2024-02-14T15:55:19.000+09:00
diff --git a/packages/velog-server/package.json b/packages/velog-server/package.json
@@ -60,7 +60,7 @@
     "graphql-scalars": "^1.22.2",
     "inquirer": "^9.2.12",
     "ioredis": "^5.3.2",
-    "jsonwebtoken": "^9.0.0",
+    "jsonwebtoken": "^9.0.2",
     "lru-cache": "^10.0.0",
     "marked": "^8.0.0",
     "mercurius": "^13.0.0",
diff --git a/packages/velog-server/src/common/plugins/global/authPlugin.ts b/packages/velog-server/src/common/plugins/global/authPlugin.ts
@@ -10,9 +10,11 @@ const authPlugin: FastifyPluginAsync = async (fastify) => {
   fastify.decorateRequest('user', null)
   fastify.addHook('preHandler', async (request, reply) => {
     if (request.url.includes('/auth/logout')) return
+
     let accessToken: string | undefined = request.cookies['access_token']
     const refreshToken: string | undefined = request.cookies['refresh_token']
     const authorization = request.headers['authorization']
+
     try {
       if (!accessToken && authorization) {
         accessToken = authorization.split('Bearer ')[1]
diff --git a/packages/velog-server/src/lib/jwt/JwtService.ts b/packages/velog-server/src/lib/jwt/JwtService.ts
@@ -63,7 +63,7 @@ export class JwtService {
       },
       {
         subject: 'access_token',
-        expiresIn: '1h',
+        expiresIn: '24h',
       },
     )
 
@@ -100,7 +100,7 @@ export class JwtService {
       },
       {
         subject: 'access_token',
-        expiresIn: '1h',
+        expiresIn: '24h',
       },
     )
 
diff --git a/packages/velog-server/src/routes/auth/v3/social/SocialController.ts b/packages/velog-server/src/routes/auth/v3/social/SocialController.ts
@@ -131,7 +131,7 @@ export class SocialController implements Controller {
       if (user) {
         const tokens = await this.jwt.generateUserToken(user.id)
         this.cookie.setCookie(reply, 'access_token', tokens.accessToken, {
-          maxAge: Time.ONE_HOUR_IN_MS,
+          maxAge: Time.ONE_HOUR_IN_MS * 24,
         })
         this.cookie.setCookie(reply, 'refresh_token', tokens.refreshToken, {
           maxAge: Time.ONE_DAY_IN_MS * 30,
@@ -255,7 +255,7 @@ export class SocialController implements Controller {
 
     const tokens = await this.jwt.generateUserToken(user.id)
     this.cookie.setCookie(reply, 'access_token', tokens.accessToken, {
-      maxAge: Time.ONE_HOUR_IN_MS,
+      maxAge: Time.ONE_HOUR_IN_MS * 24,
     })
     this.cookie.setCookie(reply, 'refresh_token', tokens.refreshToken, {
       maxAge: Time.ONE_DAY_IN_MS * 30,
diff --git a/packages/velog-server/src/services/UserService/index.ts b/packages/velog-server/src/services/UserService/index.ts
@@ -144,7 +144,7 @@ export class UserService implements Service {
     )
 
     this.cookie.setCookie(ctx.reply, 'access_token', tokens.accessToken, {
-      maxAge: Time.ONE_HOUR_IN_MS,
+      maxAge: Time.ONE_HOUR_IN_MS * 24,
     })
     this.cookie.setCookie(ctx.reply, 'refresh_token', tokens.refreshToken, {
       maxAge: Time.ONE_DAY_IN_MS * 30,

Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,7 @@ export class JwtService {`
`63`	`63`	`},`
`64`	`64`	`{`
`65`	`65`	`subject: 'access_token',`
`66`		`- expiresIn: '1h',`
	`66`	`+ expiresIn: '24h',`
`67`	`67`	`},`
`68`	`68`	`)`
`69`	`69`
`@@ -100,7 +100,7 @@ export class JwtService {`
`100`	`100`	`},`
`101`	`101`	`{`
`102`	`102`	`subject: 'access_token',`
`103`		`- expiresIn: '1h',`
	`103`	`+ expiresIn: '24h',`
`104`	`104`	`},`
`105`	`105`	`)`
`106`	`106`
Original file line number	Diff line number	Diff line change
`@@ -144,7 +144,7 @@ export class UserService implements Service {`
`144`	`144`	`)`
`145`	`145`
`146`	`146`	`this.cookie.setCookie(ctx.reply, 'access_token', tokens.accessToken, {`
`147`		`- maxAge: Time.ONE_HOUR_IN_MS,`
	`147`	`+ maxAge: Time.ONE_HOUR_IN_MS * 24,`
`148`	`148`	`})`
`149`	`149`	`this.cookie.setCookie(ctx.reply, 'refresh_token', tokens.refreshToken, {`
`150`	`150`	`maxAge: Time.ONE_DAY_IN_MS * 30,`