velog-io
diff --git a/‎packages/velog-server/package.json
Lines changed: 1 addition & 1 deletion b/‎packages/velog-server/package.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎packages/velog-server/src/common/plugins/global/authPlugin.ts
Lines changed: 20 additions & 8 deletions b/‎packages/velog-server/src/common/plugins/global/authPlugin.ts
Lines changed: 20 additions & 8 deletions
diff --git a/‎packages/velog-server/src/lib/jwt/JwtService.ts
Lines changed: 2 additions & 2 deletions b/‎packages/velog-server/src/lib/jwt/JwtService.ts
Lines changed: 2 additions & 2 deletions
diff --git a/‎packages/velog-server/src/routes/auth/v3/social/SocialController.ts
Lines changed: 2 additions & 2 deletions b/‎packages/velog-server/src/routes/auth/v3/social/SocialController.ts
Lines changed: 2 additions & 2 deletions
diff --git a/‎packages/velog-server/src/services/UserService/index.ts
Lines changed: 1 addition & 1 deletion b/‎packages/velog-server/src/services/UserService/index.ts
Lines changed: 1 addition & 1 deletion
@@ -60,7 +60,7 @@
     "graphql-scalars": "^1.22.2",
     "inquirer": "^9.2.12",
     "ioredis": "^5.3.2",
-    "jsonwebtoken": "^9.0.0",
+    "jsonwebtoken": "^9.0.2",
     "lru-cache": "^10.0.0",
     "marked": "^8.0.0",
     "mercurius": "^13.0.0",
 
@@ -10,27 +10,39 @@ const authPlugin: FastifyPluginAsync = async (fastify) => {
   fastify.decorateRequest('user', null)
   fastify.addHook('preHandler', async (request, reply) => {
     if (request.url.includes('/auth/logout')) return
+
+    const userService = container.resolve(UserService)
     let accessToken: string | undefined = request.cookies['access_token']
     const refreshToken: string | undefined = request.cookies['refresh_token']
     const authorization = request.headers['authorization']
+
     try {
       if (!accessToken && authorization) {
         accessToken = authorization.split('Bearer ')[1]
       }
 
       const jwt = container.resolve(JwtService)
 
-      if (!accessToken) return
-      const accessTokenData = await jwt.decodeToken<AccessTokenData>(accessToken)
+      if (!accessToken && !refreshToken) return
 
-      request.user = { id: accessTokenData.user_id }
+      if (accessToken && refreshToken) {
+        const accessTokenData = await jwt.decodeToken<AccessTokenData>(accessToken)
+        const diff = accessTokenData.exp * 1000 - new Date().getTime()
+        // refresh token when life < 30mins
+        if (diff < Time.ONE_MINUTE_IN_MS * 30 && refreshToken) {
+          await userService.restoreToken({ request, reply })
+        }
+      }
 
-      const diff = accessTokenData.exp * 1000 - new Date().getTime()
-      // refresh token when life < 30mins
-      if (diff < Time.ONE_MINUTE_IN_MS * 30 && refreshToken) {
-        const userService = container.resolve(UserService)
-        await userService.restoreToken({ request, reply })
+      if (!accessToken && refreshToken) {
+        const tokens = await userService.restoreToken({ request, reply })
+        accessToken = tokens.accessToken
       }
+
+      if (!accessToken) return
+
+      const accessTokenData = await jwt.decodeToken<AccessTokenData>(accessToken)
+      request.user = { id: accessTokenData.user_id }
     } catch (e) {
       console.log('accessToken', accessToken)
       console.log('authPlugin error', e)
 
@@ -63,7 +63,7 @@ export class JwtService {
       },
       {
         subject: 'access_token',
-        expiresIn: '1h',
+        expiresIn: '24h',
       },
     )
 
@@ -100,7 +100,7 @@ export class JwtService {
       },
       {
         subject: 'access_token',
-        expiresIn: '1h',
+        expiresIn: '24h',
       },
     )
 
 
@@ -131,7 +131,7 @@ export class SocialController implements Controller {
       if (user) {
         const tokens = await this.jwt.generateUserToken(user.id)
         this.cookie.setCookie(reply, 'access_token', tokens.accessToken, {
-          maxAge: Time.ONE_HOUR_IN_MS,
+          maxAge: Time.ONE_HOUR_IN_MS * 24,
         })
         this.cookie.setCookie(reply, 'refresh_token', tokens.refreshToken, {
           maxAge: Time.ONE_DAY_IN_MS * 30,
@@ -255,7 +255,7 @@ export class SocialController implements Controller {
 
     const tokens = await this.jwt.generateUserToken(user.id)
     this.cookie.setCookie(reply, 'access_token', tokens.accessToken, {
-      maxAge: Time.ONE_HOUR_IN_MS,
+      maxAge: Time.ONE_HOUR_IN_MS * 24,
     })
     this.cookie.setCookie(reply, 'refresh_token', tokens.refreshToken, {
       maxAge: Time.ONE_DAY_IN_MS * 30,
 
@@ -144,7 +144,7 @@ export class UserService implements Service {
     )
 
     this.cookie.setCookie(ctx.reply, 'access_token', tokens.accessToken, {
-      maxAge: Time.ONE_HOUR_IN_MS,
+      maxAge: Time.ONE_HOUR_IN_MS * 24,
     })
     this.cookie.setCookie(ctx.reply, 'refresh_token', tokens.refreshToken, {
       maxAge: Time.ONE_DAY_IN_MS * 30,
Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,7 @@ export class JwtService {`
`63`	`63`	`},`
`64`	`64`	`{`
`65`	`65`	`subject: 'access_token',`
`66`		`- expiresIn: '1h',`
	`66`	`+ expiresIn: '24h',`
`67`	`67`	`},`
`68`	`68`	`)`
`69`	`69`
`@@ -100,7 +100,7 @@ export class JwtService {`
`100`	`100`	`},`
`101`	`101`	`{`
`102`	`102`	`subject: 'access_token',`
`103`		`- expiresIn: '1h',`
	`103`	`+ expiresIn: '24h',`
`104`	`104`	`},`
`105`	`105`	`)`
`106`	`106`
Original file line number	Diff line number	Diff line change
`@@ -144,7 +144,7 @@ export class UserService implements Service {`
`144`	`144`	`)`
`145`	`145`
`146`	`146`	`this.cookie.setCookie(ctx.reply, 'access_token', tokens.accessToken, {`
`147`		`- maxAge: Time.ONE_HOUR_IN_MS,`
	`147`	`+ maxAge: Time.ONE_HOUR_IN_MS * 24,`
`148`	`148`	`})`
`149`	`149`	`this.cookie.setCookie(ctx.reply, 'refresh_token', tokens.refreshToken, {`
`150`	`150`	`maxAge: Time.ONE_DAY_IN_MS * 30,`