배경
아래 코드에서 오류를 뱉었다.
router.get("/logout", (req, res) => {
req.logOut(); // 여기서 오류뱉음
console.log('로그아웃함');
res.redirect("/");
});Error: req#logout requires a callback function
at IncomingMessage.req.logout.req.logOut (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\passport\lib\http\request.js:65:44)
at C:\Users\goran\Desktop\learn-vue\panda-express\router\user.js:172:6
at Layer.handle [as handle_request] (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\route.js:144:13)
at Route.dispatch (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\route.js:114:3)
at Layer.handle [as handle_request] (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\layer.js:95:5)
at C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\index.js:284:15
at Function.process_params (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\index.js:346:12)
at next (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\index.js:280:10)
at Function.handle (C:\Users\goran\Desktop\learn-vue\panda-express\node_modules\express\lib\router\index.js:175:3)원인
passport.js 버전이 올라감에 따라 사용법에 변경이 있었기 때문.
( req.logout()이 비동기함수가 됨 )
해결
아래와 같이 코드를 변경하면 정상동작한다.
router.get('/logout', (req, res, next) => {
req.logOut(err => {
if (err) {
return next(err);
} else {
console.log('로그아웃됨.');
res.redirect('/');
}
});
});자세한 설명
https://medium.com/passportjs/fixing-session-fixation-b2b68619c51d
The other major change is that that req.logout() is now an asynchronous function, whereas previously it was synchronous. For instance, a logout route that was previously:
이번 업데이트로 원래는 동기 함수였던 req.logout()이 비동기 함수가 됐다. 바로 아래의 코드는 동기함수였을 시절 쓰던 방식이다.
app.post('/logout', function(req, res, next) {
req.logout();
res.redirect('/');
});should be modified to:
이젠 위 코드처럼 쓰지 말고, 아래처럼 써야 잘 동작한다.
app.post('/logout', function(req, res, next) {
req.logout(function(err) {
if (err) { return next(err); }
res.redirect('/');
});
});This improves the overall security posture of any app using Passport for authentication.
바뀐 사용법은 보안(security)상의 이점이 있다.
노는게 제일 좋습니다.