From b278ee06ce347a4d2b1201d02a7f0061f607657a Mon Sep 17 00:00:00 2001
From: joonhoekim <26rote@gmail.com>
Date: Fri, 28 Nov 2025 14:14:44 +0900
Subject: (김준회) expired session - cookie invalidate 처리, 로그 좀 더 알아보기 쉽게, 필요할 때 출력되도록 변경
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 middleware.ts | 27 ++++++++++++++++++++++-----
 1 file changed, 22 insertions(+), 5 deletions(-)
(limited to 'middleware.ts')
diff --git a/middleware.ts b/middleware.ts
index c53c8455..e74cb653 100644
--- a/middleware.ts
+++ b/middleware.ts
@@ -208,6 +208,12 @@ function createLoginUrl(pathname: string, detectedLng: string, origin: string, r
 return redirectUrl;
 }
+// 세션 쿠키 삭제 함수
+function clearSessionCookies(response: NextResponse) {
+ response.cookies.delete('next-auth.session-token');
+ response.cookies.delete('__Secure-next-auth.session-token');
+}
+
 export async function middleware(request: NextRequest) {
 /**
 * 1. 쿠키에서 언어 가져오기
@@ -263,9 +269,11 @@ export async function middleware(request: NextRequest) {
 const { isExpired, isExpiringSoon } = checkSessionTimeout(token);
 if (isExpired) {
- console.log(`Session expired in middleware for user ${token.email}`);
+ console.log(`[Middleware.ts] Session expired in middleware for user ${token.email}`);
 const loginUrl = createLoginUrl(pathname, detectedLng, origin, request, 'expired');
- return NextResponse.redirect(loginUrl);
+ const response = NextResponse.redirect(loginUrl);
+ clearSessionCookies(response);
+ return response;
 }
 }
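Review bot: In `clearSessionCookies`, the bare `response.cookies.delete('__Secure-next-auth.session-token')` may not remove the cookie in the browser, because a `Set-Cookie` for a `__Secure-` prefixed name is only accepted when it carries the `Secure` attribute, and nothing in the helper sets one. Expiring the cookie explicitly with the attributes it was issued with is more reliable, e.g. `response.cookies.set({ name: '__Secure-next-auth.session-token', value: '', maxAge: 0, path: '/', secure: true, httpOnly: true });`, with `sameSite`/`domain` matched to the NextAuth cookie configuration, which is not visible here. If the session JWT ever grows large enough for NextAuth to split it, the chunked cookies (`<name>.0`, `<name>.1`, …) would be left behind as well, so the helper would need the request's cookie names to clear them by prefix. A doc comment should also state that this only expires browser cookies and does not revoke the token itself.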
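Review bot: The rewritten `console.log` in the `isExpired` branch still writes `token.email` to the server log on every expired request, which puts a personal identifier into logs that are typically retained longer and read by more people than the session data itself. A non-identifying key serves the same diagnostic purpose, for example `console.log('[Middleware.ts] Session expired, sub:', token.sub);`, assuming the token carries `sub`. The enclosing `middleware` function starts and ends outside this hunk, so other log lines in it are not visible and may need the same treatment.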
@@ -276,10 +284,9 @@ export async function middleware(request: NextRequest) { // 사용자의 domain과 URL 경로가 일치하는지 확인 const redirectPath = getDomainRedirectPath(pathname, token.domain as string, detectedLng); - console.log(redirectPath, "redirectPath") - // 도메인과 URL이 일치하지 않으면 리다이렉트 if (redirectPath) { + console.log("[Middleware.ts] redirectPath: ", redirectPath) const redirectUrl = new URL(redirectPath, origin); redirectUrl.search = searchParams.toString(); return NextResponse.redirect(redirectUrl); @@ -316,7 +323,9 @@ export async function middleware(request: NextRequest) { const { isExpired } = checkSessionTimeout(token); if (isExpired) { const loginUrl = createLoginUrl(pathname, detectedLng, origin, request, 'expired'); - return NextResponse.redirect(loginUrl); + const response = NextResponse.redirect(loginUrl); + clearSessionCookies(response); + return response; } } @@ -325,6 +334,14 @@ export async function middleware(request: NextRequest) { */ const response = NextResponse.next(); + // 만료된 세션 쿠키 정리 (공개 경로 포함) + if (token) { + const { isExpired } = checkSessionTimeout(token); + if (isExpired) { + clearSessionCookies(response); + } + } + /** * 11. 세션 만료 경고를 위한 헤더 추가 */ -- cgit v1.2.3
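Review bot: The three-line redirect-and-clear sequence added in the hunk at -316 is a copy of the one added at -263, so a future redirect path for an expired session can easily be written without the `clearSessionCookies` call. A small helper keeps the two steps together: `const redirectExpired = (url: string | URL) => { const res = NextResponse.redirect(url); clearSessionCookies(res); return res; };`. This branch also emits no log line while the earlier one does, so the two expiry paths will look different when reading the logs. `middleware` starts and ends outside both hunks.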
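Review bot: In the hunk at -325, clearing the cookies on the `NextResponse.next()` response only affects the browser after this response; the current request is still forwarded with the expired session cookie, so a page or route handler behind a public path that reads the session would see it as present unless it applies the same timeout check (the downstream code is not visible here). The block should say so in its comment, e.g. `// Only expires the browser cookie; this request still carries the token, so downstream handlers must not treat it as authenticated.` This is also the third `checkSessionTimeout(token)` call site in `middleware`; computing `isExpired` once after the token is read would keep the three checks from drifting apart.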