Token Refresh/Upgrade와 관련된 DB 제약 위반 수정

2025-12-16 15:08:46 +00:00 · 2024-12-31 05:00:03 +09:00
parent 08a23b61b2
commit 0f87975040
3 changed files with 48 additions and 23 deletions
--- a/src/lib/server/db/token.ts
+++ b/src/lib/server/db/token.ts
@@ -38,15 +38,20 @@ export const getRefreshToken = async (tokenId: string) => {
 };

 export const rotateRefreshToken = async (oldTokenId: string, newTokenId: string) => {
-  const res = await db
-    .update(refreshToken)
-    .set({
-      id: newTokenId,
-      expiresAt: expiresAt(),
-    })
-    .where(eq(refreshToken.id, oldTokenId))
-    .execute();
-  return res.changes > 0;
+  return await db.transaction(async (tx) => {
+    await tx
+      .delete(tokenUpgradeChallenge)
+      .where(eq(tokenUpgradeChallenge.refreshTokenId, oldTokenId));
+    const res = await db
+      .update(refreshToken)
+      .set({
+        id: newTokenId,
+        expiresAt: expiresAt(),
+      })
+      .where(eq(refreshToken.id, oldTokenId))
+      .execute();
+    return res.changes > 0;
+  });
 };

 export const upgradeRefreshToken = async (
@@ -54,16 +59,21 @@ export const upgradeRefreshToken = async (
  newTokenId: string,
  clientId: number,
 ) => {
-  const res = await db
-    .update(refreshToken)
-    .set({
-      id: newTokenId,
-      clientId,
-      expiresAt: expiresAt(),
-    })
-    .where(eq(refreshToken.id, oldTokenId))
-    .execute();
-  return res.changes > 0;
+  return await db.transaction(async (tx) => {
+    await tx
+      .delete(tokenUpgradeChallenge)
+      .where(eq(tokenUpgradeChallenge.refreshTokenId, oldTokenId));
+    const res = await tx
+      .update(refreshToken)
+      .set({
+        id: newTokenId,
+        clientId,
+        expiresAt: expiresAt(),
+      })
+      .where(eq(refreshToken.id, oldTokenId))
+      .execute();
+    return res.changes > 0;
+  });
 };

 export const revokeRefreshToken = async (tokenId: string) => {