
Commit 3130646

committed
Feat: Refesh Token 저장 및 발급 로직 개선
1 parent 13c6c36 commit 3130646


4 files changed

+32
-2
lines changed


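--- a/src/main/java/com/back/domain/user/entity/UserToken.java
+++ b/src/main/java/com/back/domain/user/entity/UserToken.java
@@ -2,13 +2,15 @@
 
 import com.back.global.entity.BaseEntity;
 import jakarta.persistence.*;
+import lombok.AllArgsConstructor;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 
 import java.time.LocalDateTime;
 
 @Entity
 @NoArgsConstructor
+@AllArgsConstructor
 @Getter
 public class UserToken extends BaseEntity {
 @ManyToOne(fetch = FetchType.LAZY)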
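Review bot: `@AllArgsConstructor` on the `UserToken` entity ties the constructor's argument order to the field declaration order, so reordering or adding a field silently changes the meaning of `new UserToken(user, refreshToken, ...)` in `UserService.login`, or stops it compiling. An explicit constructor or a static factory such as `public static UserToken of(User user, String refreshToken, LocalDateTime expiresAt)` keeps that contract visible; the field names are outside the hunk, so the parameter names here are placeholders. The class body continues past the end of the hunk.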
Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
package com.back.domain.user.repository;
2+
3+
import com.back.domain.user.entity.UserToken;
4+
import org.springframework.data.jpa.repository.JpaRepository;
5+
import org.springframework.stereotype.Repository;
6+
7+
import java.util.Optional;
8+
9+
@Repository
10+
public interface UserTokenRepository extends JpaRepository<UserToken, Long> {
11+
Optional<UserToken> findByRefreshToken(String refreshToken);
12+
void deleteByRefreshToken(String refreshToken);
13+
}
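Review bot: `findByRefreshToken(String refreshToken)` and `deleteByRefreshToken(String refreshToken)` look the row up by the raw token string, which means the refresh token is persisted exactly as issued (the same applies to `new UserToken(user, refreshToken, ...)` in `UserService.login`), so read access to the table or to a backup is enough to obtain working credentials. Storing a digest of the token, for example its SHA-256 hex, and querying by that digest keeps the raw value only in the cookie. `deleteByRefreshToken` is a derived delete and needs an active transaction at the call site; `UserService` is `@Transactional` at class level, but any other caller would have to provide one. A unique index on the token column would also be worth confirming, since the entity mapping is not visible on this page.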

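--- a/src/main/java/com/back/domain/user/service/UserService.java
+++ b/src/main/java/com/back/domain/user/service/UserService.java
@@ -6,25 +6,31 @@
 import com.back.domain.user.entity.User;
 import com.back.domain.user.entity.UserProfile;
 import com.back.domain.user.entity.UserStatus;
+import com.back.domain.user.entity.UserToken;
 import com.back.domain.user.repository.UserProfileRepository;
 import com.back.domain.user.repository.UserRepository;
+import com.back.domain.user.repository.UserTokenRepository;
 import com.back.global.exception.CustomException;
 import com.back.global.exception.ErrorCode;
 import com.back.global.security.CurrentUser;
 import com.back.global.security.JwtTokenProvider;
 import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.time.LocalDateTime;
+
 @Service
 @RequiredArgsConstructor
 @Transactional
 public class UserService {
 private final UserRepository userRepository;
 private final UserProfileRepository userProfileRepository;
+private final UserTokenRepository userTokenRepository;
 private final PasswordEncoder passwordEncoder;
 private final JwtTokenProvider jwtTokenProvider;
 
@@ -106,13 +112,20 @@ public UserResponse login(LoginRequest request, HttpServletResponse response) {
 String accessToken = jwtTokenProvider.createAccessToken(user.getId(), user.getUsername(), user.getRole().name());
 String refreshToken = jwtTokenProvider.createRefreshToken(user.getId());
 
-// TODO: Refresh Token 저장소에 저장 로직 추가 예정 (현재는 stateless 방식)
+// DB에 Refresh Token 저장
+UserToken userToken = new UserToken(
+user,
+refreshToken,
+LocalDateTime.now().plusSeconds(jwtTokenProvider.getRefreshTokenExpirationInSeconds())
+);
+userTokenRepository.save(userToken);
+
 // Refresh Token을 HttpOnly 쿠키로 설정
 Cookie cookie = new Cookie("refreshToken", refreshToken);
 cookie.setHttpOnly(true);
 cookie.setSecure(true);
 cookie.setPath("/api/auth/refresh");
-cookie.setMaxAge(7 * 24 * 60 * 60); // TODO: 하드 코딩된 만료 시간 상수로 분리
+cookie.setMaxAge((int) jwtTokenProvider.getRefreshTokenExpirationInSeconds());
 response.addCookie(cookie);
 
 // Access Token을 응답 헤더에 설정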
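Review bot: In `login`, every successful sign-in now inserts a fresh `UserToken` row, and nothing in this hunk removes or caps the rows already stored for the same user, so earlier refresh tokens stay in the table until some cleanup that is not visible here. If the refresh endpoint accepts any stored row, a token from an older session keeps working for its full lifetime after the user signs in again; consider deleting or limiting the user's existing rows before `userTokenRepository.save(userToken)` and purging expired rows on a schedule. Separately, `(int) jwtTokenProvider.getRefreshTokenExpirationInSeconds()` silently truncates an oversized configured value, whereas `Math.toIntExact(jwtTokenProvider.getRefreshTokenExpirationInSeconds())` fails loudly. The body of `login` starts and ends outside the hunk.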

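--- a/src/main/java/com/back/global/security/JwtTokenProvider.java
+++ b/src/main/java/com/back/global/security/JwtTokenProvider.java
@@ -8,6 +8,7 @@
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.security.Keys;
 import jakarta.annotation.PostConstruct;
+import lombok.Getter;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -33,6 +34,7 @@ public class JwtTokenProvider {
 @Value("${jwt.access-token-expiration}")
 private long accessTokenExpirationInSeconds;
 
+@Getter
 @Value("${jwt.refresh-token-expiration}")
 private long refreshTokenExpirationInSeconds;
 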