merge: pull request #19 from feat/token/1

[Feat]token/1 pull request

Author: HYEONSIKOH

src/main/java/org/dfbf/soundlink/domain/user/controller/AuthController.java

@@ -0,0 +1,41 @@
+package org.dfbf.soundlink.domain.user.controller;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.AllArgsConstructor;
+import org.dfbf.soundlink.domain.user.dto.request.LoginReqDto;
+import org.dfbf.soundlink.domain.user.service.UserService;
+import org.dfbf.soundlink.global.exception.ResponseResult;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@AllArgsConstructor
+@Tag(name = "Auth API", description = "인증 관련 API")
+@RequestMapping("/api/auth")
+public class AuthController {
+
+    private final UserService userService;
+
+    @PostMapping("/login")
+    @Operation(summary = "로그인", description = "로그인 API")
+    public ResponseResult login(@RequestBody LoginReqDto loginReqDto, HttpServletResponse response) {
+        return userService.login(loginReqDto, response);
+    }
+
+    @PostMapping("/logout")
+    @Operation(summary = "로그아웃", description = "로그아웃 API")
+    public ResponseResult logout(HttpServletResponse response, HttpServletRequest request) {
+        return userService.logout(response, request);
+    }
+
+    @PostMapping("/token")
+    @Operation(summary = "토큰 재발급", description="AC 토큰 재발급 API")
+    public ResponseResult reissueToken(HttpServletRequest request, HttpServletResponse response){
+        return userService.reissueToken(request, response);
+    }
+}

src/main/java/org/dfbf/soundlink/domain/user/controller/UserController.java

@@ -50,15 +50,5 @@ public ResponseResult updateUser(@AuthenticationPrincipal Long id,@RequestBody U
     @Operation(summary = "마이 페이지", description = "마이 페이지 조회 API")
     public ResponseResult getMyPage(@AuthenticationPrincipal Long id) { return userService.getMyPage(id); }
 
-    @PostMapping("/login")
-    @Operation(summary = "로그인", description = "로그인 API")
-    public ResponseResult login(@RequestBody LoginReqDto loginReqDto, HttpServletResponse response) {
-        return userService.login(loginReqDto, response);
-    }
 
-    @PostMapping("/logout")
-    @Operation(summary = "로그아웃", description = "로그아웃 API")
-    public ResponseResult logout(HttpServletResponse response) {
-        return userService.logout(response);
-    }
 }

src/main/java/org/dfbf/soundlink/domain/user/repository/UserRepository.java

@@ -33,9 +33,6 @@ public interface UserRepository extends JpaRepository<User, Long> {
     Optional<User> findByLoginId(String loginId);
 
     @Query("Select u.password from User u  where u.loginId =:loginId ")
-    String findByPassword(@Param("loginId")String loginId);
-
-
-
+    String findPasswordByLoginId(@Param("loginId")String loginId); //비밀번호만 조회
 
 }

src/main/java/org/dfbf/soundlink/domain/user/service/TokenService.java

@@ -0,0 +1,29 @@
+package org.dfbf.soundlink.domain.user.service;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.stereotype.Service;
+
+@Service
+public class TokenService {
+    @Autowired
+    private StringRedisTemplate redisTemplate;
+
+    //가져오기
+    public String getRefreshToken(Long userId) {
+        String tokenKey = "refreshToken:" + userId;
+        return redisTemplate.opsForValue().get(tokenKey);
+    }
+
+    //저장하기
+    public void saveRedisTemplate(Long userId, String refreshToken) {
+        String tokenKey = "refreshToken:" + userId;
+        redisTemplate.opsForValue().set(tokenKey, refreshToken);
+    }
+
+    //삭제하기
+    public void deleteRefreshToken(Long userId){
+        String tokenKey = "refreshToken:" + userId;
+        redisTemplate.delete(tokenKey);
+    }
+}

src/main/java/org/dfbf/soundlink/domain/user/service/UserService.java

@@ -1,6 +1,8 @@
 package org.dfbf.soundlink.domain.user.service;
 
 import jakarta.mail.MessagingException;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.transaction.Transactional;
 import lombok.AllArgsConstructor;
@@ -22,7 +24,6 @@
 import org.dfbf.soundlink.global.auth.TokenProperties;
 import org.dfbf.soundlink.global.exception.ErrorCode;
 import org.dfbf.soundlink.global.exception.ResponseResult;
-import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.http.ResponseCookie;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
@@ -43,9 +44,10 @@ public class UserService {
     private final BCryptPasswordEncoder passwordEncoder;
     private final MailService mailService;
     private final RedisService redisService;
+
     private final JwtProvider jwtProvider;
     private final TokenProperties tokenProperties;
-    private RedisTemplate<String, String> redisTemplate;
+    private final TokenService tokenService;
 
 
     // 회원가입
@@ -194,7 +196,7 @@ public ResponseResult login(LoginReqDto loginReqDto, HttpServletResponse respons
                 return new ResponseResult(ErrorCode.FAIL_TO_FIND_USER, "계정을 찾을 수 없습니다.");
             }
             // 비밀번호 검증(암호화 된 비밀번호 비교)
-            if(!passwordEncoder.matches(loginReqDto.password(), userRepository.findByPassword(loginReqDto.loginId()))){
+            if(!passwordEncoder.matches(loginReqDto.password(), userRepository.findPasswordByLoginId(loginReqDto.loginId()))){
                 return new ResponseResult( ErrorCode.NOT_EQUALS_PASSWORD,"잘못된 비밀번호 입니다.");
             }
 
@@ -220,7 +222,7 @@ public ResponseResult login(LoginReqDto loginReqDto, HttpServletResponse respons
     }
 
     //로그아웃
-    public ResponseResult logout(HttpServletResponse response) {
+    public ResponseResult logout(HttpServletResponse response, HttpServletRequest request) {
         try {
             //클라이언트 - 토큰 삭제
             ResponseCookie refreshCookie = ResponseCookie
@@ -232,13 +234,60 @@ public ResponseResult logout(HttpServletResponse response) {
                     .build();
             response.setHeader("Set-Cookie", refreshCookie.toString());//쿠키 삭제 요청
 
-            return new ResponseResult(ErrorCode.SUCCESS);
+            String accessToken = jwtProvider.resolveAccessToken(request); // 요청에서 액세스 토큰 추출
+            Long userId = jwtProvider.getUserId(accessToken); // 액세스 토큰을 넘겨서 userId 추출
+
+            tokenService.deleteRefreshToken(userId);
+
+            return new ResponseResult(ErrorCode.SUCCESS,"로그아웃 되었습니다.");
 
         } catch (Exception e) {
             return new ResponseResult(ErrorCode. INTERNAL_SERVER_ERROR,"로그아웃 중 오류가 발생했습니다.");
         }
     }
 
+    //토큰 재발급
+    public ResponseResult reissueToken(HttpServletRequest request, HttpServletResponse response) {
+        String accessToken = jwtProvider.resolveAccessToken(request);
+        String refreshToken = jwtProvider.resolveRefreshToken(request);
+
+//        System.out.println("AccessToken: " + accessToken);
+//        System.out.println("RefreshToken from Cookie: " + refreshToken);
+
+        // AccessToken과 RefreshToken이 모두 없는 경우
+        if (accessToken == null || refreshToken == null) {
+            logout(response,request);
+            return new ResponseResult(ErrorCode.TOKEN_INVALID, "토큰이 존재하지 않거나 만료되었습니다.");
+        }
+
+        // AccessToken 유효성 확인
+        if (jwtProvider.validateToken(accessToken)) {
+            return new ResponseResult(ErrorCode.TOKEN_NOT_EXPIRED);// 유효한 액세스 토큰: 재발급 x
+        }
+
+        // RefreshToken 유효성 확인
+        if (jwtProvider.validateToken(refreshToken)) {
+            Long userId = jwtProvider.getUserId(refreshToken);
+
+            // Redis에서 리프레시 토큰 가져오기
+            String redisRefreshToken = tokenService.getRefreshToken(userId);
+
+            // Redis에서 리프레시 토큰을 확인하고, 일치하면 새 액세스 토큰 발급
+            if (redisRefreshToken != null && redisRefreshToken.equals(refreshToken)) {
+                String newAccessToken = jwtProvider.createAccessToken(userId);
+
+//                System.out.println("New AccessToken: " + newAccessToken);
+
+                Map<String, String> responseBody = new HashMap<>();
+                responseBody.put("accessToken", newAccessToken);
 
+                return new ResponseResult(ErrorCode.SUCCESS, responseBody);
+            } else {
+                return new ResponseResult(ErrorCode.TOKEN_INVALID, "리프레시 토큰이 일치하지 않습니다.");
+            }
+        } else {
+            return new ResponseResult(ErrorCode.TOKEN_INVALID, "리프레시 토큰이 유효하지 않습니다.");
+        }
+    }
 
 }

src/main/java/org/dfbf/soundlink/global/auth/JwtProvider.java

@@ -55,10 +55,10 @@ public String createRefreshToken(long userId) {
                 .signWith(SECRET_KEY, SignatureAlgorithm.HS256)
                 .compact();
         try {
-            redisTemplate.opsForValue().set("refreshToken: "+userId, refreshToken,REFRESH_EXPIRATION_TIME, TimeUnit.MILLISECONDS);
+            redisTemplate.opsForValue().set("refreshToken:"+userId, refreshToken,REFRESH_EXPIRATION_TIME, TimeUnit.MILLISECONDS);
             return refreshToken;
         } catch (Exception e) {
-            System.out.println("[Redis] RefreshToken save failed: " + e.getMessage());
+            System.out.println("[Redis] RefreshToken save failed:" + e.getMessage());
             return null;
         }
     }

src/main/java/org/dfbf/soundlink/global/exception/ErrorCode.java

@@ -43,6 +43,7 @@ public enum ErrorCode {
     TOKEN_NOT_EXPIRED(HttpStatus.OK, "토큰 정상"),
     TOKEN_EXPIRED(HttpStatus.BAD_REQUEST, "토큰 만료됨"),
     TOKEN_TAMPERED(HttpStatus.BAD_REQUEST, "토큰 변조됨"),
+    TOKEN_INVALID(HttpStatus.BAD_REQUEST,"유효하지 않은 토큰"),
 
     // 카카오페이 결제 에러
     KAKAOPAY_READY_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "카카오페이 결제 준비 에러"),