feat: 리프레시 토큰 RDB 저장 로직

Author: sapiens2000

src/main/java/com/example/log4u/common/oauth2/entity/RefreshToken.java

@@ -0,0 +1,32 @@
+package com.example.log4u.common.oauth2.entity;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@Entity(name = "refresh_token")
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@AllArgsConstructor
+public class RefreshToken {
+	@Id
+	@GeneratedValue(strategy = GenerationType.IDENTITY)
+	private Long id;
+
+	@Column(nullable = false)
+	@Setter
+	private String name;
+
+	@Column(nullable = false)
+	@Setter
+	private String refresh;
+
+	@Column(nullable = false)
+	@Setter
+	private String expiration;
+}

src/main/java/com/example/log4u/common/oauth2/handler/OAuth2AuthenticationSuccessHandler.java

@@ -2,6 +2,7 @@
 
 import java.io.IOException;
 import java.util.Collection;
+import java.util.Date;
 import java.util.Iterator;
 import java.util.Optional;
 
@@ -13,7 +14,9 @@
 import org.springframework.stereotype.Component;
 
 import com.example.log4u.common.oauth2.dto.CustomOAuth2User;
+import com.example.log4u.common.oauth2.entity.RefreshToken;
 import com.example.log4u.common.oauth2.jwt.JwtUtil;
+import com.example.log4u.common.oauth2.repository.RefreshTokenRepository;
 import com.example.log4u.domain.user.entity.User;
 import com.example.log4u.domain.user.repository.UserRepository;
 
@@ -27,9 +30,9 @@
 public class OAuth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
 
 	private final UserRepository userRepository;
+	private final RefreshTokenRepository refreshTokenRepository;
 	private final JwtUtil jwtUtil;
 
-
 	private static final String MAIN_PAGE = "http://localhost:3000/";
 	private static final String PROFILE_CREATE_PAGE = "http://localhost:3000/profile";
 	private static final String LOGIN_PAGE = "http://localhost:3000/login";
@@ -53,34 +56,41 @@ public void onAuthenticationSuccess(
 		CustomOAuth2User customOAuth2User = (CustomOAuth2User)authentication.getPrincipal();
 		Optional<User> existUser = userRepository.findByProviderId(customOAuth2User.getProviderId());
 		Long userId = existUser.map(User::getUserId).orElse(null);
+		String name = customOAuth2User.getName();
 
-		String redirectUrl = switch(customOAuth2User.getRole()){
+		String redirectUrl = switch (customOAuth2User.getRole()) {
 			case "ROLE_GUEST" -> PROFILE_CREATE_PAGE;
 			case "ROLE_USER" -> MAIN_PAGE;
 			default -> LOGIN_PAGE;
 		};
 
-		redirectTo(response, userId, authentication, redirectUrl);
+		setCookieAndSaveRefreshToken(response, userId, authentication, name);
+		redirectTo(response, redirectUrl);
 	}
 
-	private void redirectTo(
+	private void setCookieAndSaveRefreshToken(
 		HttpServletResponse response,
 		Long userId,
 		Authentication authentication,
-		String redirectUrl
-	) throws IOException {
-
+		String name
+	) {
 		Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
 		Iterator<? extends GrantedAuthority> iterator = authorities.iterator();
 		GrantedAuthority auth = iterator.next();
 		String role = auth.getAuthority();
 
+		// 쿠키 생성
 		String access = jwtUtil.createJwt(ACCESS_TOKEN_KEY, userId, role, accessTokenValidityInSeconds);
-		String refresh = jwtUtil.createJwt(REFRESH_TOKEN_KEY, userId,  role, refreshTokenValidityInSeconds);
+		String refresh = jwtUtil.createJwt(REFRESH_TOKEN_KEY, userId, role, refreshTokenValidityInSeconds);
+		// 저장
+		saveRefreshToken(refresh, name);
 
 		response.addCookie(createCookie(ACCESS_TOKEN_KEY, access));
 		response.addCookie(createCookie(REFRESH_TOKEN_KEY, refresh));
 		response.setStatus(HttpStatus.OK.value());
+	}
+
+	public void redirectTo(HttpServletResponse response, String redirectUrl) throws IOException {
 		response.sendRedirect(redirectUrl);
 	}
 
@@ -93,4 +103,15 @@ private Cookie createCookie(String key, String value) {
 		return cookie;
 	}
 
+	public void saveRefreshToken(String refresh, String name) {
+		Date date = new Date(System.currentTimeMillis() + refreshTokenValidityInSeconds);
+
+		RefreshToken refreshToken = new RefreshToken(
+			null,
+			name,
+			refresh,
+			date.toString()
+		);
+		refreshTokenRepository.save(refreshToken);
+	}
 }

src/main/java/com/example/log4u/common/oauth2/jwt/JwtLogoutFilter.java

@@ -77,7 +77,7 @@ private void doFilter(HttpServletRequest request, HttpServletResponse response,
 		}
 
 		//DB에 저장되어 있는지 확인
-		Boolean isExist = refreshTokenRepository.existsByRefreshToken(refresh);
+		Boolean isExist = refreshTokenRepository.existsByRefresh(refresh);
 		if (Boolean.FALSE.equals(isExist)) {
 			response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
 			return;
@@ -89,7 +89,7 @@ private void doFilter(HttpServletRequest request, HttpServletResponse response,
 
 	public void logout(HttpServletResponse response, String refresh) {
 		// DB 에서 리프레시 토큰 제거
-		refreshTokenRepository.deleteByRefreshToken(refresh);
+		refreshTokenRepository.deleteByRefresh(refresh);
 		// 쿠키 제거
 		deleteCookie(response);
 	}

src/main/java/com/example/log4u/common/oauth2/repository/RefreshTokenRepository.java

@@ -0,0 +1,13 @@
+package com.example.log4u.common.oauth2.repository;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import com.example.log4u.common.oauth2.entity.RefreshToken;
+
+@Repository
+public interface RefreshTokenRepository extends JpaRepository<RefreshToken, Long> {
+	Boolean existsByRefresh(String refresh);
+
+	void deleteByRefresh(String refresh);
+}