chore: update auth service

api/v2/auth_service.go

@@ -46,10 +46,15 @@ func (s *APIV2Service) SignIn(ctx context.Context, request *apiv2pb.SignInReques
 		return nil, status.Errorf(http.StatusInternalServerError, fmt.Sprintf("failed to upsert access token to store, err: %s", err))
 	}
 
+	if err := grpc.SetHeader(ctx, metadata.New(map[string]string{
+		"Set-Cookie": fmt.Sprintf("%s=%s; Path=/; Expires=%s; HttpOnly; SameSite=Strict", auth.AccessTokenCookieName, accessToken, time.Now().Add(auth.AccessTokenDuration).Format(time.RFC1123)),
+	})); err != nil {
+		return nil, status.Errorf(codes.Internal, "failed to set grpc header, error: %v", err)
+	}
+
 	metric.Enqueue("user sign in")
 	return &apiv2pb.SignInResponse{
-		User:        convertUserFromStore(user),
-		AccessToken: accessToken,
+		User: convertUserFromStore(user),
 	}, nil
 }
 
@@ -108,18 +113,25 @@ func (s *APIV2Service) SignUp(ctx context.Context, request *apiv2pb.SignUpReques
 		return nil, status.Errorf(http.StatusInternalServerError, fmt.Sprintf("failed to upsert access token to store, err: %s", err))
 	}
 
+	if err := grpc.SetHeader(ctx, metadata.New(map[string]string{
+		"Set-Cookie": fmt.Sprintf("%s=%s; Path=/; Expires=%s; HttpOnly; SameSite=Strict", auth.AccessTokenCookieName, accessToken, time.Now().Add(auth.AccessTokenDuration).Format(time.RFC1123)),
+	})); err != nil {
+		return nil, status.Errorf(codes.Internal, "failed to set grpc header, error: %v", err)
+	}
+
 	metric.Enqueue("user sign up")
 	return &apiv2pb.SignUpResponse{
-		User:        convertUserFromStore(user),
-		AccessToken: accessToken,
+		User: convertUserFromStore(user),
 	}, nil
 }
 
 func (*APIV2Service) SignOut(ctx context.Context, _ *apiv2pb.SignOutRequest) (*apiv2pb.SignOutResponse, error) {
+	// Set the cookie header to expire access token.
 	if err := grpc.SetHeader(ctx, metadata.New(map[string]string{
-		auth.AccessTokenCookieName: "",
+		"Set-Cookie": fmt.Sprintf("%s=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Strict", auth.AccessTokenCookieName),
 	})); err != nil {
 		return nil, status.Errorf(codes.Internal, "failed to set grpc header, error: %v", err)
 	}
+
 	return &apiv2pb.SignOutResponse{}, nil
 }

frontend/web/package.json

@@ -17,7 +17,6 @@
     "copy-to-clipboard": "^3.3.3",
     "dayjs": "^1.11.10",
     "i18next": "^23.7.6",
-    "js-cookie": "^3.0.5",
     "lodash-es": "^4.17.21",
     "lucide-react": "^0.292.0",
     "nice-grpc-web": "^3.3.2",
@@ -34,7 +33,6 @@
   "devDependencies": {
     "@bufbuild/buf": "^1.28.1",
     "@trivago/prettier-plugin-sort-imports": "^4.3.0",
-    "@types/js-cookie": "^3.0.6",
     "@types/lodash-es": "^4.17.11",
     "@types/react": "^18.2.38",
     "@types/react-dom": "^18.2.16",

frontend/web/src/components/Header.tsx

@@ -6,7 +6,6 @@ import { authServiceClient } from "@/grpcweb";
 import useWorkspaceStore from "@/stores/v1/workspace";
 import { PlanType } from "@/types/proto/api/v2/subscription_service";
 import { Role } from "@/types/proto/api/v2/user_service";
-import { removeAccessToken } from "@/utils/auth";
 import useUserStore from "../stores/v1/user";
 import AboutDialog from "./AboutDialog";
 import Icon from "./Icon";
@@ -24,7 +23,6 @@ const Header: React.FC = () => {
 
   const handleSignOutButtonClick = async () => {
     await authServiceClient.signOut({});
-    removeAccessToken();
     localStorage.removeItem("userId");
     window.location.href = "/auth";
   };

frontend/web/src/pages/SignIn.tsx

@@ -7,7 +7,6 @@ import { authServiceClient } from "@/grpcweb";
 import useNavigateTo from "@/hooks/useNavigateTo";
 import useUserStore from "@/stores/v1/user";
 import useWorkspaceStore from "@/stores/v1/workspace";
-import { setAccessToken } from "@/utils/auth";
 import useLoading from "../hooks/useLoading";
 
 const SignIn: React.FC = () => {
@@ -45,11 +44,9 @@ const SignIn: React.FC = () => {
 
     try {
       actionBtnLoadingState.setLoading();
-      const { user, accessToken } = await authServiceClient.signIn({ email, password });
+      const { user } = await authServiceClient.signIn({ email, password });
       if (user) {
         userStore.setCurrentUserId(user.id);
-        console.log("accessToken", accessToken);
-        setAccessToken(accessToken);
         await userStore.fetchCurrentUser();
         navigateTo("/");
       } else {

frontend/web/src/pages/SignUp.tsx

@@ -7,7 +7,6 @@ import { authServiceClient } from "@/grpcweb";
 import useNavigateTo from "@/hooks/useNavigateTo";
 import useUserStore from "@/stores/v1/user";
 import useWorkspaceStore from "@/stores/v1/workspace";
-import { setAccessToken } from "@/utils/auth";
 import useLoading from "../hooks/useLoading";
 
 const SignUp: React.FC = () => {
@@ -52,14 +51,13 @@ const SignUp: React.FC = () => {
 
     try {
       actionBtnLoadingState.setLoading();
-      const { user, accessToken } = await authServiceClient.signUp({
+      const { user } = await authServiceClient.signUp({
         email,
         nickname,
         password,
       });
       if (user) {
         userStore.setCurrentUserId(user.id);
-        setAccessToken(accessToken);
         await userStore.fetchCurrentUser();
         navigateTo("/");
       } else {

proto/api/v2/auth_service.proto

@@ -26,7 +26,6 @@ message SignInRequest {
 
 message SignInResponse {
   User user = 1;
-  string access_token = 2;
 }
 
 message SignUpRequest {
@@ -37,7 +36,6 @@ message SignUpRequest {
 
 message SignUpResponse {
   User user = 1;
-  string access_token = 2;
 }
 
 message SignOutRequest {}

proto/gen/api/v2/README.md

@@ -507,7 +507,6 @@
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | user | [User](#slash-api-v2-User) |  |  |
-| access_token | [string](#string) |  |  |
 
 
 
@@ -560,7 +559,6 @@
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | user | [User](#slash-api-v2-User) |  |  |
-| access_token | [string](#string) |  |  |