Merge pull request #182 from boostcampwm2023/hotfix/expired-access-to…

…ken-reissue [Hotfix] 만료된 액세스 토큰으로 요청 시 성공하도록 수정
boostcampwm2023 · Nov 30, 2023 · 49f540c · 49f540c
2 parents 7e8e9a7 + 9af5a24
commit 49f540c
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 10 deletions.
diff --git a/BE/src/auth/auth.controller.ts b/BE/src/auth/auth.controller.ts
@@ -49,10 +49,7 @@ export class AuthController {
   @Post("/reissue")
   @UseGuards(ExpiredOrNotGuard)
   @HttpCode(201)
-  async reissueAccessToken(
-    @GetUser() user: User,
-    @Req() request: Request,
-  ): Promise<AccessTokenDto> {
-    return await this.authService.reissueAccessToken(user, request);
+  async reissueAccessToken(@Req() request: Request): Promise<AccessTokenDto> {
+    return await this.authService.reissueAccessToken(request);
   }
 }
diff --git a/BE/src/auth/auth.service.ts b/BE/src/auth/auth.service.ts
@@ -9,6 +9,7 @@ import { User } from "./users.entity";
 import { Redis } from "ioredis";
 import { InjectRedis } from "@liaoliaots/nestjs-redis";
 import { Request } from "express";
+import * as jwt from "jsonwebtoken";
 
 @Injectable()
 export class AuthService {
@@ -59,11 +60,15 @@ export class AuthService {
     await this.redisClient.del(user.userId);
   }
 
-  async reissueAccessToken(
-    user: User,
-    request: Request,
-  ): Promise<AccessTokenDto> {
-    const userId = user.userId;
+  async reissueAccessToken(request: Request): Promise<AccessTokenDto> {
+    const expiredAccessToken = request.headers.authorization.split(" ")[1];
+
+    // 만료된 액세스 토큰을 직접 디코딩
+    const base64Payload = expiredAccessToken.split(".")[1];
+    const payload = Buffer.from(base64Payload, "base64");
+    const expiredResult = JSON.parse(payload.toString());
+
+    const userId = expiredResult.userId;
     const accessTokenPayload = { userId };
     const accessToken = await this.jwtService.sign(accessTokenPayload, {
       expiresIn: "1h",