From 53ec923057d6a2c17e3371a6128c14b293302195 Mon Sep 17 00:00:00 2001
From: minjungw00
Date: Wed, 4 Dec 2024 21:36:58 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20Access=20Token=20=EC=9D=B8=EC=A6=9D=20?=
 =?UTF-8?q?=EA=B3=BC=EC=A0=95=EC=97=90=EC=84=9C=20tokenVersion=20=EC=A0=9C?=
 =?UTF-8?q?=EA=B1=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

#293
---
 server/src/auth/auth.controller.ts | 3 ---
 server/src/auth/auth.service.ts | 7 -------
 server/src/auth/guards/jwt-auth.guard.ts | 15 +--------------
 server/src/auth/schemas/user.schema.ts | 3 ---
 server/src/auth/test/auth.controller.spec.ts | 1 -
 server/src/auth/test/auth.service.spec.ts | 4 ----
 6 files changed, 1 insertion(+), 32 deletions(-)

diff --git a/server/src/auth/auth.controller.ts b/server/src/auth/auth.controller.ts
index 623d15b6..7ce2427a 100644
--- a/server/src/auth/auth.controller.ts
+++ b/server/src/auth/auth.controller.ts
@@ -103,9 +103,6 @@ export class AuthController {
     // DB에서 refresh token 삭제
     await this.authService.removeRefreshToken(user.id);
 
-    // 사용자의 token version 증가
-    await this.authService.increaseTokenVersion(user);
-
     // 쿠키 삭제
     this.authService.clearCookie(req.res);
   }
diff --git a/server/src/auth/auth.service.ts b/server/src/auth/auth.service.ts
index 88faa464..262a5619 100644
--- a/server/src/auth/auth.service.ts
+++ b/server/src/auth/auth.service.ts
@@ -71,7 +71,6 @@ export class AuthService {
     return this.jwtService.sign({
       sub: user.id,
       email: user.email,
-      tokenVersion: await this.increaseTokenVersion(user),
     });
   }
 
@@ -87,12 +86,6 @@ export class AuthService {
     return refreshToken;
   }
 
-  async increaseTokenVersion(user: User): Promise {
-    const tokenVersion = user.tokenVersion + 1;
-    await this.userModel.updateOne({ id: user.id }, { tokenVersion });
-    return tokenVersion;
-  }
-
   async login(user: User, res: Response): Promise {
     const accessToken = await this.generateAccessToken(user);
     const refreshToken = await this.generateRefreshToken(user.id);
diff --git a/server/src/auth/guards/jwt-auth.guard.ts b/server/src/auth/guards/jwt-auth.guard.ts
index 961db914..6a16526d 100644
--- a/server/src/auth/guards/jwt-auth.guard.ts
+++ b/server/src/auth/guards/jwt-auth.guard.ts
@@ -1,14 +1,9 @@
 import { Injectable, ExecutionContext, UnauthorizedException } from "@nestjs/common";
 import { AuthGuard } from "@nestjs/passport";
-import { AuthService } from "../auth.service";
-import { JwtService } from "@nestjs/jwt";
 
 @Injectable()
 export class JwtAuthGuard extends AuthGuard("jwt") {
-  constructor(
-    private readonly authService: AuthService,
-    private readonly jwtService: JwtService,
-  ) {
+  constructor() {
     super();
   }
 
@@ -22,14 +17,6 @@ export class JwtAuthGuard extends AuthGuard("jwt") {
 
     const canActivate = (await super.canActivate(context)) as boolean;
 
-    // Access Token의 tokenVersion과 사용자의 tokenVersion 일치 여부 확인
-    const decodedToken = this.jwtService.decode(token) as { sub: string; tokenVersion: number };
-    const user = await this.authService.findById(decodedToken.sub);
-
-    if (!user || user.tokenVersion !== decodedToken.tokenVersion) {
-      throw new UnauthorizedException("Invalid token version");
-    }
-
     return canActivate;
   }
 }
diff --git a/server/src/auth/schemas/user.schema.ts b/server/src/auth/schemas/user.schema.ts
index 41ebadf9..1881429f 100644
--- a/server/src/auth/schemas/user.schema.ts
+++ b/server/src/auth/schemas/user.schema.ts
@@ -18,9 +18,6 @@ export class User {
   @Prop({ required: true })
   name: string;
 
-  @Prop({ required: true, default: () => 0 })
-  tokenVersion: number;
-
   @Prop()
   refreshToken: string;
 
diff --git a/server/src/auth/test/auth.controller.spec.ts b/server/src/auth/test/auth.controller.spec.ts
index 2c386554..617f4831 100644
--- a/server/src/auth/test/auth.controller.spec.ts
+++ b/server/src/auth/test/auth.controller.spec.ts
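Review bot: With the version comparison deleted in the second hunk of jwt-auth.guard.ts, `canActivate` now accepts any access token that passes the passport `jwt` strategy's signature and expiry check, so a token issued before logout — which the auth.controller.ts hunk no longer invalidates by bumping a version — stays usable until its `exp`. If that is the intended trade-off, make it explicit above `const canActivate = (await super.canActivate(context)) as boolean;` with a comment such as `// Access tokens are not revoked server-side (tokenVersion check removed); validity is bounded only by the JWT expiry` and keep the access-token lifetime short; otherwise a server-side revocation check has to return here. The new empty `constructor() { super(); }` in the first hunk adds nothing over the inherited constructor and can be dropped. `UnauthorizedException` (still imported on the first context line) and the `token` local that was passed to the removed `decode` call appear to have no remaining use in the visible lines, so the import and that assignment may now be dead; the start of `canActivate` is outside the hunk, so this is inferred rather than confirmed.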
@@ -25,7 +25,6 @@ describe("AuthController", () => {
       validateUser: jest.fn(),
       getProfile: jest.fn(),
       refresh: jest.fn(),
-      increaseTokenVersion: jest.fn(),
       isValidEmail: jest.fn(),
     };
 
diff --git a/server/src/auth/test/auth.service.spec.ts b/server/src/auth/test/auth.service.spec.ts
index bb17b6f8..0e609d4d 100644
--- a/server/src/auth/test/auth.service.spec.ts
+++ b/server/src/auth/test/auth.service.spec.ts
@@ -25,7 +25,6 @@ describe("AuthService", () => {
     email: "test@example.com",
     password: "hashedPassword",
     name: "Test User",
-    tokenVersion: 0,
   };
 
   const mockUserModel = {
@@ -139,7 +138,6 @@ describe("AuthService", () => {
     id: "mockNanoId123",
     email: "test@example.com",
     name: "Test User",
-    tokenVersion: 0,
   };
 
   const mockResponse = {
@@ -152,7 +150,6 @@ describe("AuthService", () => {
     expect(jwtService.sign).toHaveBeenCalledWith({
       sub: user.id,
       email: user.email,
-      tokenVersion: user.tokenVersion + 1,
     });
     expect(mockResponse.cookie).toHaveBeenCalledWith("refreshToken", expect.any(String), {
       httpOnly: true,
@@ -234,7 +231,6 @@ describe("AuthService", () => {
     expect(jwtService.sign).toHaveBeenCalledWith({
       sub: mockUser.id,
       email: mockUser.email,
-      tokenVersion: 1,
     });
     expect(mockResponse.header).toHaveBeenCalledWith("Authorization", `Bearer test-token`);
     expect(result).toEqual({