Merge pull request #108 from modern-agile-team/feature/auth

Refactor(NicoDora/auth) : 로그인할 때 리프레시 토큰 쿠키에 담아 보냄.

package.json

@@ -26,30 +26,24 @@
     "@nestjs/core": "^10.0.0",
     "@nestjs/jwt": "^10.1.1",
     "@nestjs/mongoose": "^10.0.1",
-    "@nestjs/passport": "^10.0.2",
     "@nestjs/platform-express": "^10.0.0",
     "@nestjs/platform-socket.io": "^10.2.5",
     "@nestjs/schedule": "^4.0.0",
     "@nestjs/swagger": "^7.1.10",
     "@nestjs/typeorm": "^10.0.0",
     "@nestjs/websockets": "^10.2.5",
-    "@types/passport-jwt": "^3.0.12",
     "aws-sdk": "^2.1443.0",
     "axios": "^1.5.1",
     "chalk": "^5.3.0",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.0",
     "config": "^3.3.9",
+    "cookie-parser": "^1.4.6",
     "dotenv": "^16.3.1",
     "mongoose": "^7.5.0",
     "mysql2": "^3.6.0",
     "nest-aws-sdk": "^3.0.1",
     "nestjs-asyncapi": "^1.2.1",
-    "passport": "^0.6.0",
-    "passport-google-oauth20": "^2.0.0",
-    "passport-jwt": "^4.0.1",
-    "passport-kakao": "^1.0.1",
-    "passport-naver-v2": "^2.0.8",
     "reflect-metadata": "^0.1.13",
     "rxjs": "^7.8.1",
     "socket.io-client": "^4.7.2",
@@ -61,11 +55,11 @@
     "@nestjs/schematics": "^10.0.2",
     "@nestjs/testing": "^10.0.0",
     "@types/config": "^3.3.2",
+    "@types/cookie-parser": "^1.4.6",
     "@types/express": "^4.17.17",
     "@types/jest": "^29.5.2",
     "@types/multer": "^1.4.9",
     "@types/node": "^20.3.1",
-    "@types/passport-naver": "^1.0.1",
     "@types/supertest": "^2.0.12",
     "@typescript-eslint/eslint-plugin": "^6.0.0",
     "@typescript-eslint/parser": "^6.0.0",

src/auth/controllers/auth.controller.ts

@@ -11,7 +11,7 @@ import {
 } from '@nestjs/common';
 import { S3Service } from 'src/common/s3/s3.service';
 import { TokenService } from '../services/token.service';
-import { ApiTags } from '@nestjs/swagger';
+import { ApiCookieAuth, ApiTags } from '@nestjs/swagger';
 import { ApiNaverLogin } from '../swagger-decorators/naver-login.decorator';
 import { ApiKakaoLogin } from '../swagger-decorators/kakao-login.decorator';
 import { ApiNewAccessToken } from '../swagger-decorators/new-access-token.decorator';
@@ -29,8 +29,8 @@ import { GetUserId } from 'src/common/decorators/get-userId.decorator';
 export class AuthController {
   constructor(
     private readonly authService: AuthService,
-    private tokenService: TokenService,
-    private s3Service: S3Service,
+    private readonly tokenService: TokenService,
+    private readonly s3Service: S3Service,
   ) {}
 
   @ApiNaverLogin()
@@ -52,7 +52,13 @@ export class AuthController {
       naverRefreshToken,
     );
 
-    return res.json({ accessToken, refreshToken });
+    res.cookie('refresh_token', refreshToken, {
+      httpOnly: true,
+      secure: true,
+      maxAge: 1000 * 60 * 60 * 24 * 7, // 7일
+    });
+
+    return res.json({ accessToken });
   }
 
   @ApiKakaoLogin()
@@ -74,9 +80,16 @@ export class AuthController {
       kakaoRefreshToken,
     );
 
-    return res.json({ accessToken, refreshToken });
+    res.cookie('refresh_token', refreshToken, {
+      httpOnly: true,
+      secure: true,
+      maxAge: 1000 * 60 * 60 * 24 * 7, // 7일
+    });
+
+    return res.json({ accessToken });
   }
 
+  @ApiCookieAuth('refresh-token')
   @ApiNewAccessToken()
   @UseGuards(JwtRefreshTokenGuard)
   @Get('new-access-token')

src/auth/swagger-decorators/kakao-login.decorator.ts

@@ -9,7 +9,7 @@ export function ApiKakaoLogin() {
     }),
     ApiResponse({
       status: 200,
-      description: '성공적으로 로그인 된 경우',
+      description: '성공적으로 로그인 된 경우 (refresh_token은 쿠키로 전달됨)',
       content: {
         JSON: {
           example: {

src/auth/swagger-decorators/naver-login.decorator.ts

@@ -1,5 +1,10 @@
 import { applyDecorators } from '@nestjs/common';
-import { ApiOperation, ApiQuery, ApiResponse } from '@nestjs/swagger';
+import {
+  ApiHeader,
+  ApiOperation,
+  ApiQuery,
+  ApiResponse,
+} from '@nestjs/swagger';
 
 export function ApiNaverLogin() {
   return applyDecorators(
@@ -9,12 +14,11 @@ export function ApiNaverLogin() {
     }),
     ApiResponse({
       status: 200,
-      description: '성공적으로 로그인 된 경우',
+      description: '성공적으로 로그인 된 경우 (refresh_token은 쿠키로 전달됨)',
       content: {
         JSON: {
           example: {
             accessToken: '여기에 액세스 토큰',
-            refreshToken: '여기에 리프레시 토큰',
           },
         },
       },

src/auth/swagger-decorators/new-access-token.decorator.ts

@@ -1,5 +1,5 @@
 import { applyDecorators } from '@nestjs/common';
-import { ApiHeaders, ApiOperation, ApiResponse } from '@nestjs/swagger';
+import { ApiOperation, ApiResponse } from '@nestjs/swagger';
 
 export function ApiNewAccessToken() {
   return applyDecorators(
@@ -49,13 +49,5 @@ export function ApiNewAccessToken() {
         },
       },
     }),
-    ApiHeaders([
-      {
-        name: 'refresh_token',
-        description: '리프레시 토큰',
-        required: true,
-        example: '여기에 리프레시 토큰',
-      },
-    ]),
   );
 }

src/config/guards/jwt-refresh-token.guard.ts

@@ -1,15 +1,13 @@
-import { ExecutionContext, Injectable } from "@nestjs/common";
-import { TokenService } from "src/auth/services/token.service";
+import { ExecutionContext, Injectable } from '@nestjs/common';
+import { TokenService } from 'src/auth/services/token.service';
 
 @Injectable()
 export class JwtRefreshTokenGuard {
-  constructor(
-    private tokenService: TokenService,
-  ) {}
+  constructor(private tokenService: TokenService) {}
 
   async canActivate(context: ExecutionContext) {
     const request = context.switchToHttp().getRequest();
-    const refreshToken = request.headers['refresh_token'];
+    const refreshToken = request.cookies['refresh_token'];
 
     if (!refreshToken) {
       return false;
@@ -20,4 +18,4 @@ export class JwtRefreshTokenGuard {
 
     return true;
   }
-}
+}

src/config/swagger.ts

@@ -6,8 +6,27 @@ export function setupSwagger(app: INestApplication): void {
     .setTitle('ma6-main API')
     .setDescription('모던애자일 6기 메인프로젝트 API 문서')
     .setVersion('1.0')
-    .addCookieAuth('connect.sid')
-    .addBearerAuth({ type: 'http', scheme: 'bearer', bearerFormat: 'JWT', name: 'JWT', description: '여기에 토큰 입력', in: 'header' }, 'access-token')
+    .addBearerAuth(
+      {
+        type: 'http',
+        scheme: 'bearer',
+        bearerFormat: 'JWT',
+        name: 'JWT',
+        description: '여기에 토큰 입력',
+        in: 'header',
+      },
+      'access-token',
+    )
+    .addCookieAuth(
+      'refreshToken-cookie',
+      {
+        type: 'http',
+        in: 'Header',
+        scheme: 'Bearer',
+        description: '여기에 토큰 입력',
+      },
+      'refresh-token',
+    )
     .build();
   const document = SwaggerModule.createDocument(app, config);
   SwaggerModule.setup('swagger', app, document);

src/main.ts

@@ -3,13 +3,15 @@ import { AppModule } from './app.module';
 import { Logger, ValidationPipe } from '@nestjs/common';
 import { setupSwagger } from './config/swagger';
 import { AsyncApiDocumentBuilder, AsyncApiModule } from 'nestjs-asyncapi';
+import * as cookieParser from 'cookie-parser';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule, { cors: true });
   const logger = new Logger();
   app.useGlobalPipes(new ValidationPipe());
   // app.useGlobalFilters(new HttpExceptionFilter());
   app.enableCors();
+  app.use(cookieParser());
   setupSwagger(app);
   const asyncApiOptions = new AsyncApiDocumentBuilder()
     .setTitle('ma6-main-asyncapi')