aics-server/aics-auth/src/main/java/kgu/developers/auth/api/application/AuthService.java at 50c681348cbc56c4dd8906f11a4f99895d78759f · kgu-developers/aics-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
package kgu.developers.auth.api.application;

import kgu.developers.auth.api.presentation.exception.TokenNotFoundException;
import kgu.developers.auth.api.presentation.request.LoginRequest;
import kgu.developers.auth.api.presentation.request.RefreshTokenRequest;
import kgu.developers.auth.api.presentation.response.TokenResponse;
import kgu.developers.common.auth.jwt.TokenProvider;
import kgu.developers.domain.refreshtoken.domain.RefreshToken;
import kgu.developers.domain.refreshtoken.domain.RefreshTokenRepository;
import kgu.developers.domain.user.application.query.UserQueryService;
import kgu.developers.domain.user.domain.User;
import lombok.RequiredArgsConstructor;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import java.time.Duration;

@Service
@RequiredArgsConstructor
public class AuthService {
	private final UserQueryService userQueryService;
	private final PasswordEncoder passwordEncoder;
	private final TokenProvider tokenProvider;
	private final RefreshTokenRepository refreshTokenRepository;

	@Transactional(readOnly = true)
	public TokenResponse login(LoginRequest request) {
		String userId = request.userId();
		String password = request.password();

		User user = userQueryService.getUserById(userId);
		user.isPasswordMatching(password, passwordEncoder);

		String role = user.getRole().name();
		String refreshToken = tokenProvider.generateToken(user.getId(), Duration.ofDays(1), role);
		String accessToken = tokenProvider.generateToken(user.getId(), Duration.ofHours(1), role);

		refreshTokenRepository.save(RefreshToken.of(userId, refreshToken));
		return TokenResponse.of(accessToken, refreshToken);
	}

	public TokenResponse reissue(RefreshTokenRequest request) {
		String requestToken = request.refreshToken();
		RefreshToken refreshTokenEntity = refreshTokenRepository.findByRefreshToken(requestToken)
			.orElseThrow(TokenNotFoundException::new);

		refreshTokenRepository.delete(refreshTokenEntity);

		String userId = refreshTokenEntity.getUserId();
		User user = userQueryService.getUserById(userId);
		String role = user.getRole().name();
		String refreshToken = tokenProvider.generateToken(userId, Duration.ofDays(1), role);
		String accessToken = tokenProvider.generateToken(userId, Duration.ofHours(1), role);
		refreshTokenRepository.save(RefreshToken.of(userId, refreshToken));
		return TokenResponse.of(accessToken, refreshToken);
	}
}