refactor: cookie-session 로그인 방식으로 수정

73c06f81 · Wo-ogie · 159a6944 · 73c06f81 · 73c06f81
Commit 73c06f81 authored 1 year ago by Wo-ogie
--- a/controllers/meeting.js
+++ b/controllers/meeting.js
@@ -57,33 +57,11 @@ async function validatePasswordIsMatched(requestPassword, exPassword) {
  }
 }

-function setParticipantDataToCookie(req, res, participant) {
-  const cookieName = 'participantData';
-  const cookieOptions = {
-    httpOnly: true,
-    signed: true,
+function storeParticipantDataToSession(req, res, participant) {
+  req.session.participant = {
+    meetingId: participant.MeetingId,
+    participantId: participant.id,
  };
-
-  const existCookie = req.signedCookies.participantData || null;
-  if (existCookie) {
-    res.clearCookie(
-      cookieName,
-      JSON.stringify({
-        meetingId: existCookie.meetingId,
-        participantId: existCookie.participantId,
-      }),
-      cookieOptions,
-    );
-  }
-
-  res.cookie(
-    cookieName,
-    JSON.stringify({
-      meetingId: participant.MeetingId,
-      participantId: participant.id,
-    }),
-    cookieOptions,
-  );
 }

 exports.createMeeting = async (req, res, next) => {
@@ -131,7 +109,7 @@ exports.entry = async (req, res, next) => {
        participant.password,
      );
    }
-    setParticipantDataToCookie(req, res, participant);
+    storeParticipantDataToSession(req, res, participant);
    return res.status(204).end();
  } catch (error) {
    return next(error);

--- a/middlewares/auth.js
+++ b/middlewares/auth.js
-function parseParticipantData(req, res, next) {
-  let participantData = null;
-  if (req.signedCookies.participantData) {
-    participantData = JSON.parse(req.signedCookies.participantData);
-  }
+function getParticipantDataFromSession(req, res, next) {
+  const participantData = req.session.participant;
  if (!participantData) {
    const error = new Error('인증 권한이 없습니다.');
    error.status = 401;
@@ -12,7 +9,7 @@ function parseParticipantData(req, res, next) {
 }

 exports.isAuthenticated = (req, res, next) => {
-  const participantData = parseParticipantData(req, res, next);
+  const participantData = getParticipantDataFromSession(req, res, next);
  if (participantData.meetingId !== req.params.meetingId) {
    const error = new Error('접근 권한이 없습니다.');
    error.status = 401;
@@ -23,6 +20,6 @@ exports.isAuthenticated = (req, res, next) => {
 };

 exports.getLoggedInParticipantId = (req, res, next) => {
-  const participantData = parseParticipantData(req, res, next);
+  const participantData = getParticipantDataFromSession(req, res, next);
  return participantData?.participantId;
 };