Merge pull request #520 from meowzip/reese

fix: cookie deletion fails on logout in production

Author: reeseo3o

src/app/api/auth/logout/route.ts

@@ -1,27 +1,38 @@
 import { NextResponse } from 'next/server';
 
+const getCookieDomain = () => {
+  const isProduction = process.env.NODE_ENV === 'production';
+
+  if (!isProduction) {
+    return 'localhost';
+  }
+
+  return '.meowzip.com';
+};
+
 export async function POST() {
   const response = NextResponse.json({ success: true });
 
   const isProduction = process.env.NODE_ENV === 'production';
-  const isLocalhost = !isProduction;
+  const cookieDomain = getCookieDomain();
 
   const baseConfig = {
     secure: isProduction,
     path: '/',
-    ...(isLocalhost && { domain: 'localhost' })
+    domain: cookieDomain
   };
 
   const cookieConfigs = {
     Authorization: {
       ...baseConfig,
-      secure: true
+      secure: true,
+      sameSite: 'lax' as const
     },
     'Authorization-Refresh': {
       ...baseConfig,
-      secure: true
+      secure: true,
+      sameSite: 'lax' as const
     },
-
     'next-auth.session-token': {
       ...baseConfig,
       sameSite: 'lax' as const

src/utils/fetch.ts

@@ -42,6 +42,14 @@ const isTokenExpired = (token: string): boolean => {
 let isRefreshing = false;
 let refreshPromise: Promise<string | null> | null = null;
 
+const getRefreshTokenUrl = (): string => {
+  if (typeof window === 'undefined') {
+    const baseUrl = process.env.NEXT_PUBLIC_BASE_URL;
+    return `${baseUrl}/api/auth/refresh-token`;
+  }
+  return '/api/auth/refresh-token';
+};
+
 const refreshTokenIfNeeded = async (): Promise<string | null> => {
   if (isRefreshing && refreshPromise) {
     return refreshPromise;
@@ -50,10 +58,33 @@ const refreshTokenIfNeeded = async (): Promise<string | null> => {
   isRefreshing = true;
   refreshPromise = (async () => {
     try {
-      const response = await fetch('/api/auth/refresh-token', {
+      const refreshUrl = getRefreshTokenUrl();
+      const requestOptions: RequestInit = {
         method: 'POST',
         credentials: 'include'
-      });
+      };
+
+      if (typeof window === 'undefined') {
+        try {
+          const { cookies } = await import('next/headers');
+          const cookieStore = cookies();
+          const refreshToken = cookieStore.get('Authorization-Refresh')?.value;
+
+          if (!refreshToken) {
+            console.error('서버 사이드: Refresh Token이 없습니다');
+            return null;
+          }
+
+          requestOptions.headers = {
+            Cookie: `Authorization-Refresh=${refreshToken}`
+          };
+        } catch (error) {
+          console.error('서버 사이드 쿠키 읽기 실패:', error);
+          return null;
+        }
+      }
+
+      const response = await fetch(refreshUrl, requestOptions);
 
       if (response.ok) {
         const data = await response.json();
@@ -105,7 +136,9 @@ export const fetchAuth = returnFetch({
       ];
     },
     response: async (response, [url, requestInit], fetch) => {
-      if (response.status === 401) {
+      const isRetry = (requestInit as any)?._isRetry;
+
+      if (response.status === 401 && !isRetry) {
         const newToken = await refreshTokenIfNeeded();
         if (newToken) {
           const headers = new Headers(requestInit?.headers);
@@ -114,10 +147,16 @@ export const fetchAuth = returnFetch({
           const retryResponse = await fetch(url, {
             ...requestInit,
             headers,
-            credentials: 'include'
-          });
+            credentials: 'include',
+            _isRetry: true // 재시도 플래그 추가
+          } as any);
 
           return retryResponse;
+        } else {
+          if (typeof window !== 'undefined') {
+            console.error('세션이 만료되었습니다. 다시 로그인해주세요.');
+            window.location.href = '/signin';
+          }
         }
       }
 
@@ -155,7 +194,9 @@ export const fetchAuthJson = returnFetchJson({
       ];
     },
     response: async (response, [url, requestInit], fetch) => {
-      if (response.status === 401) {
+      const isRetry = (requestInit as any)?._isRetry;
+
+      if (response.status === 401 && !isRetry) {
         const newToken = await refreshTokenIfNeeded();
         if (newToken) {
           const headers = new Headers(requestInit?.headers);
@@ -164,10 +205,16 @@ export const fetchAuthJson = returnFetchJson({
           const retryResponse = await fetch(url, {
             ...requestInit,
             headers,
-            credentials: 'include'
-          });
+            credentials: 'include',
+            _isRetry: true
+          } as any);
 
           return retryResponse;
+        } else {
+          if (typeof window !== 'undefined') {
+            console.error('세션이 만료되었습니다. 다시 로그인해주세요.');
+            window.location.href = '/signin';
+          }
         }
       }
 

src/utils/returnFetch.ts

@@ -107,13 +107,21 @@ const returnFetch =
 
     const response = await fetchProvided(...requestInterceptorAppliedArgs);
 
-    if (!response.ok) {
-      const errorText = await response.clone().text();
-      const msg = `STATUS: ${response.status} 
+    const finalResponse = defaultOptions?.interceptors?.response
+      ? await defaultOptions.interceptors.response(
+          response,
+          requestInterceptorAppliedArgs,
+          fetchProvided
+        )
+      : response;
+
+    if (!finalResponse.ok) {
+      const errorText = await finalResponse.clone().text();
+      const msg = `STATUS: ${finalResponse.status} 
  ERROR_TEXT: ${errorText}`;
-      await sendDiscordErrorLog(msg, response.url);
+      await sendDiscordErrorLog(msg, finalResponse.url);
 
-      let errorMessage = `요청 실패 (상태 코드: ${response.status})`;
+      let errorMessage = `요청 실패 (상태 코드: ${finalResponse.status})`;
       try {
         const errorData = JSON.parse(errorText);
         if (errorData.message) {
@@ -123,13 +131,7 @@ const returnFetch =
       throw new Error(errorMessage);
     }
 
-    return (
-      defaultOptions?.interceptors?.response?.(
-        response,
-        requestInterceptorAppliedArgs,
-        fetchProvided
-      ) || response
-    );
+    return finalResponse;
   };
 
 export default returnFetch;