Refresh Token 쿠키의 유효 기간 설정

2025-12-12 21:08:46 +00:00 · 2024-12-26 19:23:39 +09:00
parent bd1cc9ea38
commit da4b753c41
4 changed files with 16 additions and 2 deletions
--- a/drizzle.config.ts
+++ b/drizzle.config.ts
@@ -1,11 +1,10 @@
 import { defineConfig } from "drizzle-kit";
-if (!process.env.DATABASE_URL) throw new Error("DATABASE_URL is not set");

 export default defineConfig({
  schema: "./src/lib/server/db/schema",

  dbCredentials: {
-    url: process.env.DATABASE_URL,
+    url: process.env.DATABASE_URL || "local.db",
  },

  verbose: true,
--- a/package.json
+++ b/package.json
@@ -23,6 +23,7 @@
    "@sveltejs/vite-plugin-svelte": "^4.0.0",
    "@types/better-sqlite3": "^7.6.11",
    "@types/jsonwebtoken": "^9.0.7",
+    "@types/ms": "^0.7.34",
    "autoprefixer": "^10.4.20",
    "drizzle-kit": "^0.22.0",
    "eslint": "^9.7.0",
@@ -44,6 +45,7 @@
    "better-sqlite3": "^11.1.2",
    "drizzle-orm": "^0.33.0",
    "jsonwebtoken": "^9.0.2",
+    "ms": "^2.1.3",
    "zod": "^3.24.1"
  }
 }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -17,6 +17,9 @@ dependencies:
  jsonwebtoken:
    specifier: ^9.0.2
    version: 9.0.2
+  ms:
+    specifier: ^2.1.3
+    version: 2.1.3
  zod:
    specifier: ^3.24.1
    version: 3.24.1
@@ -40,6 +43,9 @@ devDependencies:
  '@types/jsonwebtoken':
    specifier: ^9.0.7
    version: 9.0.7
+  '@types/ms':
+    specifier: ^0.7.34
+    version: 0.7.34
  autoprefixer:
    specifier: ^10.4.20
    version: 10.4.20(postcss@8.4.49)
@@ -1228,6 +1234,10 @@ packages:
      '@types/node': 22.10.2
    dev: true

+  /@types/ms@0.7.34:
+    resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==}
+    dev: true
+
  /@types/node@22.10.2:
    resolution: {integrity: sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==}
    dependencies:
--- a/src/routes/api/auth/login/+server.ts
+++ b/src/routes/api/auth/login/+server.ts
@@ -1,5 +1,7 @@
 import { error, json } from "@sveltejs/kit";
+import ms from "ms";
 import { z } from "zod";
+import env from "$lib/server/loadenv";
 import { login } from "$lib/server/services/auth";
 import type { RequestHandler } from "./$types";

@@ -18,6 +20,7 @@ export const POST: RequestHandler = async ({ request, cookies }) => {

  cookies.set("refreshToken", refreshToken, {
    path: "/api/auth",
+    maxAge: Math.floor(ms(env.jwt.refreshExp) / 1000),
    httpOnly: true,
    secure: true,
    sameSite: "strict",