Access Token 저장 방식 변경

2025-12-15 06:18:48 +00:00 · 2024-12-28 16:54:46 +09:00
parent 1d0c309878
commit c09a0b4aa0
10 changed files with 44 additions and 83 deletions
--- a/src/routes/api/auth/refreshToken/+server.ts
+++ b/src/routes/api/auth/refreshToken/+server.ts
@@ -1,18 +1,20 @@
-import { error, json } from "@sveltejs/kit";
-import { refreshToken } from "$lib/server/services/auth";
+import { error, text } from "@sveltejs/kit";
+import { refreshTokens } from "$lib/server/services/auth";
 import type { RequestHandler } from "./$types";

 export const POST: RequestHandler = async ({ cookies }) => {
  const token = cookies.get("refreshToken");
-  if (!token) error(401, "Token not found");
+  if (!token) error(401, "Refresh token not found");

-  const { accessToken, refreshToken: newToken } = await refreshToken(token.trim());
+  const { accessToken, refreshToken } = await refreshTokens(token.trim());

-  cookies.set("refreshToken", newToken, {
-    path: "/api/auth",
-    httpOnly: true,
-    secure: true,
+  cookies.set("accessToken", accessToken, {
+    path: "/",
    sameSite: "strict",
  });
-  return json({ accessToken });
+  cookies.set("refreshToken", refreshToken, {
+    path: "/api/auth",
+    sameSite: "strict",
+  });
+  return text("Token refreshed", { headers: { "Content-Type": "text/plain" } });
 };