fix : accessToken 재발급 시 refreshToken의 유효성 검증 로직 수정 #35

GeunH · Dec 1, 2023 · 17c6811 · 17c6811
1 parent 437b7e6
commit 17c6811
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/be/src/auth/auth.service.ts b/be/src/auth/auth.service.ts
@@ -83,8 +83,7 @@ export class AuthService {
       const decoded = this.jwtService.verify(refreshToken, {
         secret: "nibobnebob",
       });
-      const result = this.authRepository.findOne({ where: { id: decoded.id } })
-      if (result) {
+      if (await this.authRepository.findOne({ where: { id: decoded.id, refreshToken: refreshToken } })) {
         const payload = { id: decoded.id };
         const accessToken = this.jwtService.sign(payload);
         await this.authRepository.update(decoded.id, { accessToken: accessToken });