Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[LIME-165] Refresh Token 저장소 레디스로 변경 #89

Merged
merged 2 commits into from
Apr 13, 2024
Merged

[LIME-165] Refresh Token 저장소 레디스로 변경 #89

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
32ee616
fix: 카카오 로그인 시 리프레시 토큰 저장하도록 변경
Yiseull Apr 13, 2024
7933108
feat: 리프레시 토큰 저장소 레디스로 변경
Yiseull Apr 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions lime-api/src/main/java/com/programmers/lime/domains/auth/application/OAuthUserService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
import com.programmers.lime.domains.member.domain.vo.SocialType;
import com.programmers.lime.domains.member.implementation.MemberAppender;
import com.programmers.lime.domains.member.implementation.MemberReader;
import com.programmers.lime.global.config.security.jwt.JwtService;
import com.programmers.lime.global.config.security.SecurityManager;

import lombok.RequiredArgsConstructor;

Expand All @@ -20,7 +20,7 @@ public class OAuthUserService {
private final KakaoOAuthClient kakaoOAuthClient;
private final MemberAppender memberAppender;
private final MemberReader memberReader;
private final JwtService jwtService;
private final SecurityManager securityManager;

@Transactional
public MemberLoginServiceResponse login(final String code) {
Expand All @@ -32,8 +32,8 @@ public MemberLoginServiceResponse login(final String code) {
SocialType.KAKAO
).orElseGet(() -> saveMember(response));

String accessToken = jwtService.generateAccessToken(String.valueOf(foundMember.getId()));
String refreshToken = jwtService.generateRefreshToken();
String accessToken = securityManager.generateAccessToken(foundMember.getId());
String refreshToken = securityManager.generateRefreshToken(foundMember.getId());

return MemberLoginServiceResponse.from(foundMember, accessToken, refreshToken);
}
Expand Down
16 changes: 9 additions & 7 deletions lime-api/src/main/java/com/programmers/lime/global/config/security/SecurityManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
package com.programmers.lime.global.config.security;

import org.springframework.cache.CacheManager;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.stereotype.Component;

import com.programmers.lime.global.config.security.jwt.JwtService;
import com.programmers.lime.redis.token.RefreshTokenManager;

import io.jsonwebtoken.JwtException;
import lombok.RequiredArgsConstructor;
Expand All @@ -14,11 +14,9 @@
@RequiredArgsConstructor
public class SecurityManager {

public static final String REFRESH_TOKEN_CACHE = "refreshToken";

private final JwtService jwtService;
private final AuthenticationManager authenticationManager;
private final CacheManager cacheManager;
private final RefreshTokenManager refreshTokenManager;

public void authenticate(
final Long memberId,
Expand All @@ -36,20 +34,24 @@ public String generateAccessToken(final Long memberId) {

public String generateRefreshToken(final Long memberId) {
final String refreshToken = jwtService.generateRefreshToken();
cacheManager.getCache(REFRESH_TOKEN_CACHE).put(refreshToken, memberId);
refreshTokenManager.addRefreshToken(refreshToken, memberId);

return refreshToken;
}

public void removeRefreshToken(final String refreshToken) {
cacheManager.getCache(REFRESH_TOKEN_CACHE).evict(refreshToken);
refreshTokenManager.deleteRefreshToken(refreshToken);
}

public String reissueAccessToken(final String refreshToken, final String authorizationHeader) {
final String accessToken = authorizationHeader.substring(7);

if (jwtService.isRefreshValidAndAccessInValid(refreshToken, accessToken)) {
final Long memberId = cacheManager.getCache(REFRESH_TOKEN_CACHE).get(refreshToken, Long.class);
final Long memberId = refreshTokenManager.getMemberId(refreshToken);

if (memberId == null) {
throw new JwtException("Refresh Token이 유효하지 않습니다.");
}

return generateAccessToken(memberId);
}
Expand Down
35 changes: 35 additions & 0 deletions lime-infrastructure/src/main/java/com/programmers/lime/redis/token/RefreshTokenManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
package com.programmers.lime.redis.token;

import java.util.concurrent.TimeUnit;

import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;

import lombok.RequiredArgsConstructor;

@Component
@RequiredArgsConstructor
public class RefreshTokenManager {

public static final int EXPIRE_TIME = 1209600;
public static final String key = "REFRESH_TOKEN_";
private final RedisTemplate<String, Object> redisTemplate;

public void addRefreshToken(
final String refreshToken,
final Long memberId
) {
redisTemplate.opsForValue().set(key + refreshToken, memberId);
redisTemplate.expire(key + refreshToken, EXPIRE_TIME, TimeUnit.SECONDS);
}

public Long getMemberId(final String refreshToken) {
Object memberId = redisTemplate.opsForValue().get(key + refreshToken);

return memberId == null ? null : ((Integer) memberId).longValue();
}

public void deleteRefreshToken(final String refreshToken) {
redisTemplate.delete(key + refreshToken);
}
}
Loading