23/12/06 TIL __ Session prints undefined after being saved

GABOJOK 2023. 12. 6. 13:33

 

 

Situation

I was confused about how sessions work, so I was testing them again when I ran into an error.

req.session.name = '빌리'

Saving the value this way succeeded,

but when I called console.log(req.session) on a different route, name was not in it.

🫠 Problem __ Why can't the value saved in the session be read back?

// After saving via the '/nana' route, I printed req.session on a request to the '/gaga' route.
세션 Session {
  cookie: {
    path: '/',
    _expires: null,
    originalMaxAge: null,
    httpOnly: true,
    secure: true
  }
}
// The key-value pair I saved does not appear.

I could not work out why and dug around for a long time, so I want to share that experience.

🚠 Resolution process

💜 Approach 1. Did I use the command correctly?

The way I knew to put a value into req.session was as follows.

req.session.keyName = valueToStore

I confirmed that the session I was trying to save was printed to the console after saving and was also written to the store.

So I thought the problem was in loading rather than saving,

but even simply printing req.session did not show the key-value pair I had just saved.

I looked through the official express-session documentation and could not find anything different about the command.

So it did not seem to be a command problem, and I looked for another cause.

🩵 2. Is the setup in the right order?

When using express-session, the order of things in app.js is very, very important.

In my case, the imports always go at the very top,

in the middle I load things like app.use(cookieParser()),

below that I connect the router, as in app.use('/', router),

and at the very bottom I call app.listen for the port.

But since a problem had come up, I checked it again.

According to Stack Overflow, routes such as app.get('/api', function(){}) must be defined after app.use(session()).

Mine was already set up that way, so this did not seem to be the cause either.

https://stackoverflow.com/questions/72099030/req-session-is-undefined-when-using-express-session


💛 3. Is some interaction with the existing files keeping it from working?

I thought the work I had already done might be having an effect,

because an error-handling middleware was running.

So I just created a new file, brought over only the parts I needed, and tested again.

But it still did not work.

I wondered what on earth the problem was, and I never expected to struggle this much with sessions.

❤️ 4. Something in the configuration is definitely wrong!!!

No matter how much I searched, the configuration still looked like the problem, so I tried modifying the app.use(session()) part.

This is the existing code.

app.use(
  session({
    secret: "dfjsd",
    resave: false,
    saveUninitialized: false,
    store: new FileStore(),
    cookie: {
      httpOnly: true,
      secure: true,
    },
  })
);

To test it step by step from the bottom up, I tried commenting things out.

app.use(
  session({
    secret: "dfjsd",
    resave: false,
    saveUninitialized: false,
    store: new FileStore(), // Storing sessions in a DB is better.
  })
);

And the output changed.

세션 Session {
  '1': 'hoho',
  cookie: { path: '/', _expires: null, originalMaxAge: null, httpOnly: true },
  __lastAccess: 1701833296665
}

I could not tell which part in there was keeping it from working.

I started testing the options one at a time.

1. Leave only httpOnly: true.

cookie: {
  httpOnly: true,
},

// console output
저장 Session {
  cookie: { path: '/', _expires: null, originalMaxAge: null, httpOnly: true },
  ooo: '오오오'
}
[session-file-store] will retry, error on last attempt: Error: ENOENT: no such file or directory, open 'sessions/hcpnvboE1X2FIItiL8B84DF7GygIjZl-.json'
출력 Session {
  cookie: { path: '/', _expires: null, originalMaxAge: null, httpOnly: true },
  ooo: '오오오',
  __lastAccess: 1701836169550
}

2. Leave only secure: true.

cookie: {
  secure: true,
},

// console output
저장 Session {
  cookie: {
    path: '/',
    _expires: null,
    originalMaxAge: null,
    httpOnly: true,
    secure: true
  },
  ooo: '오오오'
}
출력 Session {
  cookie: {
    path: '/',
    _expires: null,
    originalMaxAge: null,
    httpOnly: true,
    secure: true
  }
}

Found it!!!!!

The secure option was the problem!!

As soon as I changed this option from true to false, the output started coming out the way I wanted.

But what do these options actually mean?

I had been using them knowing only that they matter for security,

so I looked into them a little more.

🚓 httpOnly: true

With this setting, client-side JavaScript cannot access the cookie.

It is an important option for security.

🚙 secure: true

With this setting, the cookie is never sent over an HTTP connection; it is sent only over the HTTPS protocol!!!

It is an important option for security, but during development it is often set to false,

and the cookie is sent only in an actual HTTPS environment.

It did not work because I kept sending requests over HTTP!!
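
The failure traced above, as an added example that is not from the original post and is not express-session's own code: a simplified model of the rule that a session cookie with secure: true is not set on a request that did not arrive over HTTPS, so each plain-HTTP request starts a new session even though the store was written. The names isSecure, handle, roundTrip and cookieOptions, the in-memory store and the 'billy' value are assumptions made for the illustration.

```javascript
// Added example: simplified model of the Secure-cookie rule, not express-session's code.
const crypto = require('node:crypto');

const store = new Map(); // in-memory stand-in for the post's FileStore

// A request counts as secure over direct TLS, or via X-Forwarded-Proto
// only when the app has been told to trust its reverse proxy.
function isSecure(req, trustProxy) {
  if (req.encrypted) return true;
  if (!trustProxy) return false;
  const proto = (req.headers['x-forwarded-proto'] || '').split(',')[0].trim();
  return proto === 'https';
}

// One request: load or create the session, run the route, save it, and
// decide whether a Set-Cookie header may go out.
function handle(req, opts, route) {
  let sid = (req.headers.cookie || '').replace(/^sid=/, '');
  const isNew = !store.has(sid);
  if (isNew) sid = crypto.randomBytes(16).toString('hex');
  const session = isNew ? {} : store.get(sid);
  route(session);
  store.set(sid, session); // the store is written even when no cookie is sent
  const headers = {};
  const blocked = opts.cookie.secure && !isSecure(req, opts.trustProxy);
  if (isNew && !blocked) {
    headers['set-cookie'] = `sid=${sid}; Path=/; HttpOnly${opts.cookie.secure ? '; Secure' : ''}`;
  }
  return { headers, session };
}

// Constructed scenario from the post: write on /nana, then read on /gaga.
function roundTrip(opts, transport) {
  const request = () => ({ encrypted: transport.encrypted, headers: { ...transport.headers } });
  const first = handle(request(), opts, (s) => { s.name = 'billy'; });
  const second = request();
  const setCookie = first.headers['set-cookie']; // undefined: the client got no cookie
  if (setCookie) second.headers.cookie = setCookie.split(';')[0];
  return handle(second, opts, () => {}).session.name;
}

// Keep Secure on in production; relax it only for plain-HTTP local development.
function cookieOptions(env) {
  return { httpOnly: true, secure: env === 'production' };
}
```

In a real Express app behind a TLS-terminating reverse proxy, keep secure: true and set app.set('trust proxy', 1) so that the forwarded protocol is honoured.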

 

 

🫠 Takeaways

I did not expect to spend this much time on sessions.

In truth, I thought I knew how they worked, but the bigger issue was that I did not really understand them.

Whenever a problem comes up, I should try a variety of approaches,

and the most important thing seems to be remembering those approaches.