// backend/src/auth/controller.ts
import { createHash, timingSafeEqual } from "node:crypto";
import { Request, Response } from "express";
import jwt from "jsonwebtoken";
// Signing secrets for the two token kinds, read once at module load.
// The `!` assertions only silence the type checker: if a variable is unset
// the constant is `undefined` at runtime and the first sign/verify call that
// uses it fails, not startup.
// NOTE(review): consider checking both values at process start so the
// service fails closed before it accepts any request.
const { JWT_SECRET, JWT_REFRESH_SECRET } = process.env;
const ACCESS_SECRET = JWT_SECRET!;
const REFRESH_SECRET = JWT_REFRESH_SECRET!;
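/**
 * Constant-time check of a request-supplied credential against a configured
 * secret. Both sides are hashed to a fixed length first so timingSafeEqual
 * never throws on a length mismatch and the comparison does not leak the
 * secret's length. Fails closed: returns false when the secret is not
 * configured or the supplied value is not a non-empty string.
 *
 * @param supplied - raw value taken from the request body (any JSON type)
 * @param expected - the configured secret, possibly undefined
 * @returns true only when both are non-empty strings with identical content
 */
function credentialMatches(supplied: unknown, expected: string | undefined): boolean {
  if (typeof supplied !== "string" || supplied.length === 0 || !expected) {
    return false;
  }
  const suppliedDigest = createHash("sha256").update(supplied).digest();
  const expectedDigest = createHash("sha256").update(expected).digest();
  return timingSafeEqual(suppliedDigest, expectedDigest);
}

/**
 * Admin login. Compares `{ id, password }` from the request body against
 * ADMIN_ID / ADMIN_PASSWORD and, on success, returns a 1-hour access token
 * in the JSON body and sets a 7-day refresh token as an HttpOnly cookie
 * scoped to the refresh route.
 *
 * The earlier plain `!==` comparison accepted a body with no `id`/`password`
 * whenever ADMIN_ID/ADMIN_PASSWORD were unset (undefined !== undefined is
 * false); credentialMatches rejects that case and compares in constant time.
 *
 * @param req - expects a parsed JSON body with `id` and `password`
 * @param res - 401 `{ error }` on failure, otherwise `{ token }`
 */
export function login(req: Request, res: Response) {
  // A missing body (no parser mounted upstream) is treated as empty credentials
  // rather than throwing a TypeError on destructuring.
  const body: { id?: unknown; password?: unknown } = req.body ?? {};
  const { id, password } = body;
  // Evaluate both checks before branching so response timing does not reveal
  // which of the two fields was wrong.
  const idOk = credentialMatches(id, process.env.ADMIN_ID);
  const passwordOk = credentialMatches(password, process.env.ADMIN_PASSWORD);
  if (!idOk || !passwordOk || typeof id !== "string") {
    return res.status(401).json({ error: "Invalid credentials" });
  }
  const payload = { id };
  // Access token (1 hour)
  const accessToken = jwt.sign(payload, ACCESS_SECRET, { expiresIn: "1h" });
  // Refresh token (7 days)
  const refreshToken = jwt.sign(payload, REFRESH_SECRET, { expiresIn: "7d" });
  // The refresh token is stored only in an HttpOnly cookie scoped to the
  // refresh endpoint. NOTE(review): sameSite "none" + secure lets browsers
  // send it on cross-site requests, so the refresh route's JSON response
  // must stay unreadable to other origins (CORS configuration).
  res.cookie("refreshToken", refreshToken, {
    httpOnly: true,
    secure: true,
    sameSite: "none",
    path: "/api/auth/refresh",
    maxAge: 7 * 24 * 60 * 60 * 1000, // 7 days in ms, matching expiresIn above
  });
  return res.json({ token: accessToken });
}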
/**
 * Reports whether the request carries an authenticated user.
 * `req.user` is presumably populated by an upstream auth middleware (not
 * shown in this file); when it is absent the token was missing, invalid or
 * expired and a 401 is returned.
 *
 * @param req - request whose `user` property signals successful authentication
 * @param res - `{ valid: true, user }` or 401 `{ valid: false, error }`
 */
export function verify(req: Request, res: Response) {
  const user = req.user;
  if (user) {
    return res.json({ valid: true, user });
  }
  return res.status(401).json({ valid: false, error: "Invalid or expired token" });
}
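/**
 * Exchanges a valid refresh-token cookie for a new 1-hour access token.
 * Fails closed (401) when the cookie is missing or not a string, when
 * signature/expiry verification fails, or when the verified payload does not
 * carry a string `id`.
 *
 * NOTE(review): refresh tokens are neither rotated nor revocable here, so a
 * leaked cookie stays usable until its 7-day expiry.
 *
 * @param req - refresh token read from the `refreshToken` cookie
 * @param res - `{ token }` on success, 401 `{ error }` otherwise
 */
export function refresh(req: Request, res: Response) {
  // req.cookies is undefined when no cookie parser ran upstream; treat that as
  // "no cookie" instead of throwing and surfacing a 500.
  const token: unknown = req.cookies?.refreshToken;
  if (typeof token !== "string" || token.length === 0) {
    return res.status(401).json({ error: "Missing refresh token" });
  }
  try {
    // Pin the expected algorithm so a token signed under another scheme is
    // rejected regardless of what its header claims.
    const decoded: unknown = jwt.verify(token, REFRESH_SECRET, { algorithms: ["HS256"] });
    const id = extractId(decoded);
    if (id === undefined) {
      return res.status(401).json({ error: "Refresh token invalid or expired" });
    }
    // Issue a new access token
    const newAccessToken = jwt.sign({ id }, ACCESS_SECRET, { expiresIn: "1h" });
    return res.json({ token: newAccessToken });
  } catch {
    return res.status(401).json({ error: "Refresh token invalid or expired" });
  }
}

/**
 * Returns the `id` claim when the verified payload is an object with a
 * string `id`; undefined for any other shape (e.g. a string payload).
 */
function extractId(payload: unknown): string | undefined {
  if (typeof payload !== "object" || payload === null) {
    return undefined;
  }
  const { id } = payload as { id?: unknown };
  return typeof id === "string" ? id : undefined;
}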