BARON-SSO 로그인 세션 문제 수정 sever.js
All checks were successful
ITAM Code Check / build-and-config-check (push) Successful in 11s
ITAM Docker Build Check / docker-build-check (push) Successful in 14s

2026-07-01 14:23:45 +09:00
parent 6aae6d7dff
commit 1f849cd1c5


@@ -21,7 +21,6 @@ const {
const SESSION_SECRET_VALUE = SESSION_SECRET || 'itam-headless-session-secret'; const SESSION_SECRET_VALUE = SESSION_SECRET || 'itam-headless-session-secret';
const DEFAULT_SCOPES = ['openid', 'profile', 'email']; const DEFAULT_SCOPES = ['openid', 'profile', 'email'];
const DEFAULT_ERROR_PATH = ERROR_LOCALE_PATH || '/ko/error'; const DEFAULT_ERROR_PATH = ERROR_LOCALE_PATH || '/ko/error';
const USE_SECURE_COOKIES = Boolean(REDIRECT_URI && REDIRECT_URI.startsWith('https://'));
const dbConfig = { const dbConfig = {
host: process.env.DB_HOST, host: process.env.DB_HOST,
@@ -39,19 +38,18 @@ const getDbConnectionSummary = () => ({
}); });
const app = express(); const app = express();
if (USE_SECURE_COOKIES) { app.set('trust proxy', 1);
app.set('trust proxy', 1);
}
app.use(cors()); app.use(cors());
app.use(express.json({ limit: '50mb' })); app.use(express.json({ limit: '50mb' }));
app.use(session({ app.use(session({
secret: SESSION_SECRET_VALUE, secret: SESSION_SECRET_VALUE,
proxy: true,
resave: false, resave: false,
saveUninitialized: false, saveUninitialized: false,
cookie: { cookie: {
httpOnly: true, httpOnly: true,
sameSite: 'lax', sameSite: 'lax',
secure: USE_SECURE_COOKIES, secure: 'auto',
maxAge: 1000 * 60 * 60 * 8 maxAge: 1000 * 60 * 60 * 8
} }
})); }));
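Review bot: With `secure: 'auto'` together with `proxy: true` in the session options, the cookie's Secure flag is now decided per request from the forwarded protocol instead of from configuration, so a response to a request seen as plain HTTP gets a session cookie without Secure. The removed `USE_SECURE_COOKIES` check pinned this to the `https://` scheme of `REDIRECT_URI`. If the deployment is meant to be HTTPS-only, consider keeping that constant and writing `secure: USE_SECURE_COOKIES ? true : 'auto',` so a missing or wrong `X-Forwarded-Proto` fails closed rather than silently downgrading the cookie. The now-unconditional `app.set('trust proxy', 1);` also assumes exactly one reverse proxy sits in front of the app, which is worth stating in a comment such as `// exactly one trusted reverse proxy terminates TLS; the Node port must not be reachable directly`. If the port is reachable directly, client-supplied `X-Forwarded-*` headers would be trusted.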