From 73c06f811baaf68ab86302574ea1cef9931eff61 Mon Sep 17 00:00:00 2001
From: Wo-ogie <siwall0105@gmail.com>
Date: Sun, 10 Dec 2023 03:26:00 +0900
Subject: [PATCH] =?UTF-8?q?refactor:=20cookie-session=20=EB=A1=9C=EA=B7=B8?=
 =?UTF-8?q?=EC=9D=B8=20=EB=B0=A9=EC=8B=9D=EC=9C=BC=EB=A1=9C=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 controllers/meeting.js | 32 +++++---------------------------
 middlewares/auth.js    | 11 ++++-------
 2 files changed, 9 insertions(+), 34 deletions(-)

diff --git a/controllers/meeting.js b/controllers/meeting.js
index 4e0771e..dd15563 100644
--- a/controllers/meeting.js
+++ b/controllers/meeting.js
@@ -57,33 +57,11 @@ async function validatePasswordIsMatched(requestPassword, exPassword) {
   }
 }
 
-function setParticipantDataToCookie(req, res, participant) {
-  const cookieName = 'participantData';
-  const cookieOptions = {
-    httpOnly: true,
-    signed: true,
+function storeParticipantDataToSession(req, res, participant) {
+  req.session.participant = {
+    meetingId: participant.MeetingId,
+    participantId: participant.id,
   };
-
-  const existCookie = req.signedCookies.participantData || null;
-  if (existCookie) {
-    res.clearCookie(
-      cookieName,
-      JSON.stringify({
-        meetingId: existCookie.meetingId,
-        participantId: existCookie.participantId,
-      }),
-      cookieOptions,
-    );
-  }
-
-  res.cookie(
-    cookieName,
-    JSON.stringify({
-      meetingId: participant.MeetingId,
-      participantId: participant.id,
-    }),
-    cookieOptions,
-  );
 }
 
 exports.createMeeting = async (req, res, next) => {
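Review bot: The `httpOnly: true` and `signed: true` options that the removed cookie code set explicitly no longer appear anywhere in this patch, so `storeParticipantDataToSession` is only as safe as the session middleware configuration, which is not shown. Please confirm that configuration sets signing keys, `httpOnly`, `secure`, `sameSite` and a `maxAge`, and record the dependency in a comment above the function, e.g. `// Relies on the session middleware for a signed, httpOnly cookie.` The `res` parameter is now unused and can be dropped from the signature and from the call in `entry`. Assigning `req.session.participant` on top of an existing session also keeps any other keys left by a previous entry; if that is not intended, reset the session before storing.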
@@ -131,7 +109,7 @@ exports.entry = async (req, res, next) => {
         participant.password,
       );
     }
-    setParticipantDataToCookie(req, res, participant);
+    storeParticipantDataToSession(req, res, participant);
     return res.status(204).end();
   } catch (error) {
     return next(error);
diff --git a/middlewares/auth.js b/middlewares/auth.js
index a8f3784..37dae35 100644
--- a/middlewares/auth.js
+++ b/middlewares/auth.js
@@ -1,8 +1,5 @@
-function parseParticipantData(req, res, next) {
-  let participantData = null;
-  if (req.signedCookies.participantData) {
-    participantData = JSON.parse(req.signedCookies.participantData);
-  }
+function getParticipantDataFromSession(req, res, next) {
+  const participantData = req.session.participant;
   if (!participantData) {
     const error = new Error('인증 권한이 없습니다.');
     error.status = 401;
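Review bot: `req.session.participant` is read without checking that `req.session` exists, so a route reached before (or without) the session middleware fails with a TypeError and a 500 instead of the intended 401. `const participantData = req.session?.participant;` keeps that case on the 401 path. The rest of the function is outside this hunk, so how the error is reported is not visible here. A short doc comment saying what the function returns when no participant is stored would help the two callers.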
@@ -12,7 +9,7 @@ function parseParticipantData(req, res, next) {
 }
 
 exports.isAuthenticated = (req, res, next) => {
-  const participantData = parseParticipantData(req, res, next);
+  const participantData = getParticipantDataFromSession(req, res, next);
   if (participantData.meetingId !== req.params.meetingId) {
     const error = new Error('접근 권한이 없습니다.');
     error.status = 401;
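Review bot: `participantData.meetingId` is dereferenced with no guard, while `getLoggedInParticipantId` in the next hunk uses `participantData?.participantId`. The tail of `getParticipantDataFromSession` is not visible, but if it forwards the 401 through `next(error)` and returns nothing, this line throws on an unauthenticated request after the error was already dispatched. Adding `if (!participantData) return;` before the comparison, or having the helper `throw error` instead, avoids that. Separately, the strict `!==` compares the stored `meetingId` with the string `req.params.meetingId`; if `participant.MeetingId` is numeric the check can never pass, so confirm the types or compare `String(participantData.meetingId)`. The body of `isAuthenticated` continues outside this hunk.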
@@ -23,6 +20,6 @@ exports.isAuthenticated = (req, res, next) => {
 };
 
 exports.getLoggedInParticipantId = (req, res, next) => {
-  const participantData = parseParticipantData(req, res, next);
+  const participantData = getParticipantDataFromSession(req, res, next);
   return participantData?.participantId;
 };
-- 
GitLab