Merge pull request #153 from tmddus2/feature/231128-logout

Feature(#115): 로그아웃을 할 수 있다.

backend/package.json

@@ -27,6 +27,9 @@
     "@nestjs/mongoose": "^10.0.2",
     "@nestjs/passport": "^10.0.2",
     "@nestjs/platform-express": "^10.0.0",
+    "class-transformer": "^0.5.1",
+    "class-validator": "^0.14.0",
+    "cookie-parser": "^1.4.6",
     "dotenv": "^16.3.1",
     "jsonwebtoken": "^9.0.2",
     "mongoose": "^8.0.1",
@@ -39,6 +42,7 @@
     "@nestjs/cli": "^10.0.0",
     "@nestjs/schematics": "^10.0.0",
     "@nestjs/testing": "^10.0.0",
+    "@types/cookie-parser": "^1.4.6",
     "@types/express": "^4.17.17",
     "@types/jest": "^29.5.2",
     "@types/node": "^20.3.1",

backend/src/auth/auth.controller.ts

@@ -1,6 +1,7 @@
-import { Body, Controller, Get, Post, Req, Res, UseGuards } from '@nestjs/common';
+import { Body, Controller, Get, Post, Req, Request, Res, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import { Response } from 'express';
+import { CustomAuthGuard } from './auth.guard';
 import { AuthService } from './auth.service';
 import { UserInfoDto } from './dto/userInfo.dto';
 
@@ -20,6 +21,21 @@ export class AuthController {
   @Get('/google/redirect')
   @UseGuards(AuthGuard('google'))
   googleAuthRedirect(@Req() req: any, @Res() res: Response) {
-    res.send(req.user.jwt);
+    const cookie = req.user.cookie;
+    res.setHeader('Set-Cookie', cookie);
+    res.redirect('/');
+    return res.send();
+  }
+
+  @UseGuards(CustomAuthGuard)
+  @Get('profile')
+  getProfile(@Request() req) {
+    return req.user;
+  }
+
+  @Get('logout')
+  logout(@Res() res: Response) {
+    res.setHeader(`Set-Cookie`, `Authentication=; HttpOnly; Path=/; Max-Age=0`);
+    return res.sendStatus(200);
   }
 }

backend/src/auth/auth.guard.ts

@@ -0,0 +1,25 @@
+import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { JwtService } from '@nestjs/jwt';
+
+@Injectable()
+export class CustomAuthGuard implements CanActivate {
+  constructor(
+    private jwtService: JwtService,
+    private configService: ConfigService
+  ) {}
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest();
+    try {
+      const token = request.cookies.Authentication;
+      const payload = await this.jwtService.verifyAsync(token, {
+        secret: this.configService.get<string>('JWT_SECRET_KEY')
+      });
+      request['user'] = payload;
+    } catch (e) {
+      throw new UnauthorizedException();
+    }
+    return true;
+  }
+}

backend/src/auth/auth.service.ts

@@ -21,7 +21,8 @@ export class AuthService {
     return await this.userModel.findOne({ email: email });
   }
 
-  async generateJWT(userInfo: UserInfoDto): Promise<string> {
-    return await this.jwtService.signAsync(userInfo);
+  async generateCookie(userInfo: UserInfoDto) {
+    const token = await this.jwtService.signAsync(userInfo);
+    return `Authentication=${token}; HttpOnly; Path=/; Max-Age=3600`;
   }
 }

backend/src/auth/google.strategy.ts

@@ -32,7 +32,7 @@ export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
       await this.authService.signUp(user);
     }
 
-    const jwt = await this.authService.generateJWT(user);
-    return { jwt };
+    const cookie = await this.authService.generateCookie(user);
+    return { cookie };
   }
 }

backend/src/main.ts

@@ -1,6 +1,7 @@
 import { NestFactory } from '@nestjs/core';
 import { AppModule } from './app.module';
 import { ValidationPipe } from '@nestjs/common';
+import * as cookieParser from 'cookie-parser';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
@@ -9,6 +10,7 @@ async function bootstrap() {
       transform: true
     })
   );
+  app.use(cookieParser());
   await app.listen(3000);
 }
 bootstrap();