chore: 잘못된 토큰인 경우 세션 관련 쿠키를 전부 제거

chedakr · Apr 27, 2024 · 94f040e · 94f040e
1 parent db7a90f
commit 94f040e
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/apps/api/src/services/auth/v1/route.ts b/apps/api/src/services/auth/v1/route.ts
@@ -164,6 +164,11 @@ const decryptToken = async <C extends Context = Context>(context: C, token: stri
 	return result.plaintext;
 };
 
+const deleteSessionCookies = (c: Context) => {
+	deleteCookie(c, 'session_id');
+	deleteCookie(c, 'session_sid');
+};
+
 const withSession: MiddlewareHandler<{
 	Bindings: Env,
 	Variables: {
@@ -236,7 +241,7 @@ const withSession: MiddlewareHandler<{
 		c.set('session', { user });
 	} catch (e) {
 		if (e instanceof InvalidToken) {
-			deleteCookie(c, 'session_id');
+			deleteSessionCookies(c);
 			return c.json({ message: 'Unauthorized' }, 401);
 		}
 		throw e;
@@ -278,8 +283,7 @@ app.get('/logout', withPrevUrl, async (c) => {
 	const result = await response.json() as DeleteTokenRespone;
 	*/
 
-	deleteCookie(c, 'session_id');
-	deleteCookie(c, 'session_sid');
+	deleteSessionCookies(c);
 
 	return c.redirect(c.var.prevUrl);
 });