From e94c303ad626f24f68f768bef859294cae1a1c2d Mon Sep 17 00:00:00 2001
From: Chiman2937 <cyga2933@gmail.com>
Date: Tue, 23 Dec 2025 22:01:45 +0900
Subject: [PATCH 1/3] =?UTF-8?q?feat:=20proxy(middleware)=20=EC=84=A4?=
 =?UTF-8?q?=EC=A0=95=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- accessToken과 refreshToken이 둘다 없으면 login 페이지로 redirect:
  /mypage, /post-meetup, /message, /schedule

- login 로직 수정(withCredentials 속성 추가)
- token.ts 로직 수정(Domain 속성 추가)
---
 src/api/service/auth-service/index.ts |  2 +-
 src/lib/auth/token.ts                 |  6 +++++-
 src/proxy.ts                          | 29 +++++++++++++++++++++++++++
 3 files changed, 35 insertions(+), 2 deletions(-)
 create mode 100644 src/proxy.ts

diff --git a/src/api/service/auth-service/index.ts b/src/api/service/auth-service/index.ts
index 364062cc..5caafa74 100644
--- a/src/api/service/auth-service/index.ts
+++ b/src/api/service/auth-service/index.ts
@@ -11,7 +11,7 @@ import {
 export const authServiceRemote = () => ({
   // 로그인
   login: async (payload: LoginRequest) => {
-    const data = await api.post<LoginResponse>('/auth/login', payload);
+    const data = await api.post<LoginResponse>('/auth/login', payload, { withCredentials: true });
 
     setAccessToken(data.accessToken, data.expiresIn);
     return data;
diff --git a/src/lib/auth/token.ts b/src/lib/auth/token.ts
index 2b2f49e7..f6d4c516 100644
--- a/src/lib/auth/token.ts
+++ b/src/lib/auth/token.ts
@@ -3,7 +3,11 @@ const ACCESS_TOKEN_KEY = 'accessToken';
 export const setAccessToken = (token: string, maxAgeSeconds?: number) => {
   if (typeof document === 'undefined') return;
 
-  const parts = [`${ACCESS_TOKEN_KEY}=${encodeURIComponent(token)}`, 'path=/'];
+  const parts = [
+    `${ACCESS_TOKEN_KEY}=${encodeURIComponent(token)}`,
+    'path=/',
+    'domain=.wego.monster',
+  ];
 
   if (typeof maxAgeSeconds === 'number' && maxAgeSeconds > 0) {
     parts.push(`Max-Age=${maxAgeSeconds}`);
diff --git a/src/proxy.ts b/src/proxy.ts
new file mode 100644
index 00000000..fd88507a
--- /dev/null
+++ b/src/proxy.ts
@@ -0,0 +1,29 @@
+import { NextRequest, NextResponse } from 'next/server';
+
+export default async function proxy(request: NextRequest) {
+  const accessToken = request.cookies.get('accessToken');
+  const refreshToken = request.cookies.get('refreshToken');
+
+  const protectedPaths = ['/mypage', '/post-meetup', '/message', '/schedule'];
+  const isProtected = protectedPaths.some((path) => request.nextUrl.pathname.startsWith(path));
+
+  // 보호되지 않은 경로는 그냥 통과
+  if (!isProtected) {
+    return NextResponse.next();
+  }
+
+  // 둘 다 없으면 로그인
+  if (!accessToken && !refreshToken) {
+    const loginUrl = new URL('/login', request.url);
+    loginUrl.searchParams.set('error', 'unauthorized');
+    loginUrl.searchParams.set('path', request.nextUrl.pathname);
+    return NextResponse.redirect(loginUrl);
+  }
+
+  // accessToken 있으면 통과
+  return NextResponse.next();
+}
+
+export const config = {
+  matcher: ['/((?!api|_next/static|_next/image|favicon.ico|login|signup).*)'],
+};

From 93869811aba17e517dac17112c8984d650eb4fd8 Mon Sep 17 00:00:00 2001
From: Chiman2937 <cyga2933@gmail.com>
Date: Tue, 23 Dec 2025 22:17:43 +0900
Subject: [PATCH 2/3] =?UTF-8?q?fix:=20logout,=20refresh=EC=97=90=20withCre?=
 =?UTF-8?q?dentials=20=EC=86=8D=EC=84=B1=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/api/service/auth-service/index.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/api/service/auth-service/index.ts b/src/api/service/auth-service/index.ts
index 5caafa74..657e0f22 100644
--- a/src/api/service/auth-service/index.ts
+++ b/src/api/service/auth-service/index.ts
@@ -22,7 +22,7 @@ export const authServiceRemote = () => ({
 
   // 로그아웃
   logout: async () => {
-    await api.post<void>('/auth/logout');
+    await api.post<void>('/auth/logout', null, { withCredentials: true });
     clearAccessToken();
   },
 
@@ -40,7 +40,7 @@ export const authServiceRemote = () => ({
 
   // 회원 탈퇴
   withdraw: async () => {
-    await api.delete<void>('/auth/withdraw');
+    await api.delete<void>('/auth/withdraw', { withCredentials: true });
     clearAccessToken();
   },
 });

From cc949ccfa424df27db0dbbe9fd8b204978cd97b2 Mon Sep 17 00:00:00 2001
From: Chiman2937 <cyga2933@gmail.com>
Date: Tue, 23 Dec 2025 22:18:18 +0900
Subject: [PATCH 3/3] =?UTF-8?q?fix:=20proxy.ts=20=EC=A3=BC=EC=84=9D=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/proxy.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/proxy.ts b/src/proxy.ts
index fd88507a..12169813 100644
--- a/src/proxy.ts
+++ b/src/proxy.ts
@@ -12,7 +12,7 @@ export default async function proxy(request: NextRequest) {
     return NextResponse.next();
   }
 
-  // 둘 다 없으면 로그인
+  // 둘 다 없으면 로그인 페이지로 redirect
   if (!accessToken && !refreshToken) {
     const loginUrl = new URL('/login', request.url);
     loginUrl.searchParams.set('error', 'unauthorized');
@@ -20,7 +20,6 @@ export default async function proxy(request: NextRequest) {
     return NextResponse.redirect(loginUrl);
   }
 
-  // accessToken 있으면 통과
   return NextResponse.next();
 }