[feat] : Save RefreshToken to Redis #8

Author: Hyeromon

src/main/java/org/dfbf/soundlink/domain/user/service/UserService.java

@@ -27,6 +27,8 @@
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseCookie;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 
@@ -177,6 +179,7 @@ public boolean checkNickName(String nickName){
         return userRepository.existsByNickName(nickName);
     }
 
+    //refreshToken을 쿠키로 설정
     public ResponseCookie getRefreshToken(String refreshToken) {
         return ResponseCookie
                 .from("REFRESHTOKEN", refreshToken)
@@ -204,43 +207,42 @@ public ResponseResult login(LoginReqDto loginReqDto, HttpServletResponse respons
             String accessToken = jwtProvider.createAccessToken(user.getUserId());
             String refreshToken = jwtProvider.createRefreshToken(user.getUserId());
 
-//            System.out.println("Access Token: " + accessToken);
-//            System.out.println("Refresh Token: " + refreshToken);
 
-            //헤더에 refreshToken 추가
+            //refreshToken - 쿠키
             ResponseCookie refreshCookie = getRefreshToken(refreshToken);
             response.setHeader("Set-Cookie", refreshCookie.toString());
 
-            //바디에 accessToken 포함
+            //accessToken - 바디
             Map<String, String> responseBody = new HashMap<>();
             responseBody.put("accessToken", accessToken);
 
             return new ResponseResult(responseBody);
         } catch (Exception e) {
             System.out.println("[ERROR] " + e.getMessage());
-            return new ResponseResult(ErrorCode.DB_ERROR);
+            return new ResponseResult(ErrorCode. INTERNAL_SERVER_ERROR);
         }
     }
 
     //로그아웃
     public ResponseResult logout(HttpServletResponse response) {
         try {
-            //토큰 삭제
+            //클라이언트 - 토큰 삭제
             ResponseCookie refreshCookie = ResponseCookie
                     .from("REFRESHTOKEN", "") // 추후 토큰값 추가
                     .domain("localhost")
                     .path("/")
                     .httpOnly(true)
                     .maxAge(0)
                     .build();
+            response.setHeader("Set-Cookie", refreshCookie.toString());//쿠키 삭제 요청
 
-            response.setHeader("Set-Cookie", refreshCookie.toString());//삭제 요청
             return new ResponseResult(ErrorCode.SUCCESS);
 
         } catch (Exception e) {
-            return new ResponseResult(ErrorCode.DB_ERROR,"로그아웃 중 오류가 발생했습니다.");
+            return new ResponseResult(ErrorCode. INTERNAL_SERVER_ERROR,"로그아웃 중 오류가 발생했습니다.");
         }
     }
 
 
+
 }

src/main/java/org/dfbf/soundlink/global/auth/JwtProvider.java

@@ -2,12 +2,18 @@
 
 import ch.qos.logback.core.subst.Token;
 import io.jsonwebtoken.security.Keys;
+import io.jsonwebtoken.security.SignatureException;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Component;
 import io.jsonwebtoken.*;
 
 import javax.crypto.SecretKey;
 import java.util.Date;
+import java.util.concurrent.TimeUnit;
 
 @Component
 public class JwtProvider {
@@ -19,8 +25,11 @@ public class JwtProvider {
     @Value("${REFRESH_TOKEN_EXPIRATION_TIME}")
     private long REFRESH_EXPIRATION_TIME;
 
-    //시크릿 키 생성
-    private final SecretKey SECRET_KEY = Keys.secretKeyFor(SignatureAlgorithm.HS256);;
+    //시크릿 키 자동 생성
+    private final SecretKey SECRET_KEY = Keys.secretKeyFor(SignatureAlgorithm.HS256);
+
+    @Autowired
+    private RedisTemplate<String, String> redisTemplate;
 
     //Access 토큰
     public String createAccessToken(long userId) {
@@ -45,8 +54,48 @@ public String createRefreshToken(long userId) {
                 .setExpiration(new Date(now.getTime()+REFRESH_EXPIRATION_TIME))
                 .signWith(SECRET_KEY, SignatureAlgorithm.HS256)
                 .compact();
+        try {
+            redisTemplate.opsForValue().set("refreshToken: "+userId, refreshToken,REFRESH_EXPIRATION_TIME, TimeUnit.MILLISECONDS);
+            return refreshToken;
+        } catch (Exception e) {
+            System.out.println("[Redis] RefreshToken save failed: " + e.getMessage());
+            return null;
+        }
+    }
+
+    //토큰 검증(변조, 만료, 올바른 형식)
+    public boolean validateToken(String token){
+        try {
+            Jwts.parserBuilder()
+                    .setSigningKey(SECRET_KEY)  //서명 검증
+                    .build()
+                    .parseClaimsJws(token);     //토큰 유효한지 확인.
+            return true;
+        } catch (Exception e) {
+            System.out.println("[ERROR] Token validation failed: " + e.getMessage());
+            return false;
+        }
+    }
+
+    //액세스토큰 추출
+    public String resolveAccessToken(HttpServletRequest request) {
+        String bearerToken = request.getHeader("Authorization"); //토큰을 헤더에 포함했는지
+        if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
+            return bearerToken.substring(7);
+        }
+        return null;
+    }
 
-        return refreshToken;
+    //리프레시토큰 추출
+    public String resolveRefreshToken(HttpServletRequest request) {
+        if(request.getCookies() != null){
+            for (Cookie cookie : request.getCookies()) {
+                if("REFRESHTOKEN".equals(cookie.getName())){    //REFRESHTOKEN 쿠키 찾아서 해당 값 반환
+                    return cookie.getValue();
+                }
+            }
+        }
+        return null;
     }
 
 }

src/main/java/org/dfbf/soundlink/global/auth/TokenProperties.java

@@ -8,6 +8,7 @@
 @ConfigurationProperties(prefix = "token")
 public class TokenProperties {
     private long refreshTokenExpirationTime;
+    private long accessTokenExpirationTime;
 
     public long getRefreshTokenExpirationTime(){
         return refreshTokenExpirationTime;
@@ -16,4 +17,11 @@ public long getRefreshTokenExpirationTime(){
     public void setRefreshTokenExpirationTime(long refreshTokenExpirationTime){
         this.refreshTokenExpirationTime = refreshTokenExpirationTime;
     }
+    public long getAccessTokenExpirationTime() {
+        return accessTokenExpirationTime;
+    }
+
+    public void setAccessTokenExpirationTime(long accessTokenExpirationTime) {
+        this.accessTokenExpirationTime = accessTokenExpirationTime;
+    }
 }