Skip to content

Commit

Permalink
feat/#507: 로그인 할 때 redis에 리프레시 토큰 저장
Browse files Browse the repository at this point in the history
  • Loading branch information
@LJH098 @hwangdaesun
LJH098 authored and hwangdaesun committed Oct 9, 2024
1 parent 6615961 commit 653d2c5
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 2 deletions.
8 changes: 7 additions & 1 deletion BE/exceed/src/main/java/com/gaebaljip/exceed/application/service/auth/AuthService.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
package com.gaebaljip.exceed.application.service.auth;

import com.gaebaljip.exceed.adapter.out.redis.RedisAdapter;
import com.gaebaljip.exceed.common.dto.ReissueTokenDTO;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
Expand All @@ -14,6 +16,8 @@

import lombok.RequiredArgsConstructor;

import javax.servlet.http.HttpServletRequest;

@Service
@RequiredArgsConstructor
@Transactional(readOnly = true)
Expand All @@ -29,9 +33,11 @@ public LoginResponseDTO execute(LoginRequest request) {
if (!bCryptPasswordEncoder.matches(request.password(), member.getPassword())) {
throw PasswordMismatchException.EXECPTION;
}
return LoginResponseDTO.builder()
LoginResponseDTO loginResponseDTO = LoginResponseDTO.builder()
.accessToken(jwtManager.generateAccessToken(member.getId()))
.refreshToken(jwtManager.generateRefreshToken(member.getId()))
.build();
jwtManager.saveRefreshToken(request.email(), loginResponseDTO.refreshToken());
return loginResponseDTO;
}
}
10 changes: 9 additions & 1 deletion BE/exceed/src/main/java/com/gaebaljip/exceed/common/security/domain/JwtManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@

import javax.servlet.http.HttpServletRequest;

import com.gaebaljip.exceed.adapter.out.redis.RedisAdapter;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;
Expand All @@ -25,10 +27,12 @@ public class JwtManager {
private static final long ACCESS_TOKEN_EXPIRE_TIME = 1000 * 60 * 60 * 24 * 3; // 3일
private static final long REFRESH_TOKEN_EXPIRE_TIME = 1000 * 60 * 60 * 24 * 7; // 7일
private final Key key;
private RedisAdapter redisAdapter;

public JwtManager(@Value("${jwt.secret}") String secretKey) {
public JwtManager(@Value("${jwt.secret}") String secretKey, RedisAdapter redisAdapter) {
byte[] keyBytes = Decoders.BASE64.decode(secretKey);
this.key = Keys.hmacShaKeyFor(keyBytes);
this.redisAdapter = redisAdapter;
}

public String generateAccessToken(Long memberId) {
Expand Down Expand Up @@ -152,4 +156,8 @@ public boolean validateRefreshToken(String refreshToken, HttpServletRequest requ
}
return false;
}

public void saveRefreshToken(String email, String refreshToken) {
redisAdapter.saveWithExpiration(email, refreshToken, REFRESH_TOKEN_EXPIRE_TIME);
}
}

0 comments on commit 653d2c5

Please sign in to comment.