Merge pull request #15 from KNU-HAEDAL/feat/auth

Feat/auth
KNU-HAEDAL · May 31, 2024 · d41e10f · d41e10f
2 parents ce7a531 + 26c67f6
commit d41e10f
Show file tree

Hide file tree

Showing 7 changed files with 53 additions and 46 deletions.
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
@@ -40,16 +40,6 @@ jobs:
     # script의 내용은 도커의 기존 프로세스들을 제거하고, docker repo로부터 방금 위에서 push한 내용을 pull 받아 실행하는 것입니다.
     # 실행 시, docker-compose를 사용합니다.
     steps:
-#      - name: ✔️ send docker-compose.yml to EC2 server
-#        uses: appleboy/[email protected]
-#        with:
-#          username: ec2-user
-#          host: ${{ secrets.HOST }}
-#          key: ${{ secrets.KEY }}
-#          port: 22
-#          source: "dev/docker-compose.dev.yml"
-#          target: "/home/ec2-user"
-
       - name: Deploy to server
         uses: appleboy/ssh-action@master
         id: deploy
@@ -62,7 +52,6 @@ jobs:
             docker rm -f $(docker ps -qa) # 기존에 실행되고 있는 도커 프로세스들을 제거합니다.
             docker rmi $(docker images -q) # 기존에 존재하는 도커 이미지들을 제거합니다.
             docker image prune -f # 사용하지 않는 도커 이미지들을 제거합니다.
+            docker-compose up -d # mysql 개발용 컨테이너를 실행합니다.
             docker pull ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }}:${{ github.sha }}
-            docker run -d -p 80:8080 ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }}:${{ github.sha }}
-            #docker-compose -f /home/ec2-user/docker-compose.dev.yml up -d
-
+            docker run -d -p 80:8080 ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }}:${{ github.sha }} -e SPRING_PROFILES_ACTIVE=dev -e KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }} -e NAVER_CLIENT_SECRET=${{ secrets.NAVER_CLIENT_SECRET }} -e KAKAO_REDIRECT_URI=${{ secrets.KAKAO_REDIRECT_URI }}
diff --git a/dev/docker-compose.dev.yml b/dev/docker-compose.dev.yml
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -0,0 +1,14 @@
+version: '3'
+  # 실행명령어
+  # docker-compose -f ./docker-compose.dev.yml up
+services:
+  zzansuni-mysql:
+    image: mysql
+    restart: always
+    volumes:
+      - ./mysql-data:/var/lib/mysql
+    ports:
+      - "3306:3306"
+    environment:
+      MYSQL_DATABASE: zzansuni
+      MYSQL_ROOT_PASSWORD: root
diff --git a/...suni-api-server/app/src/main/java/org/haedal/zzansuni/controller/auth/AuthController.java b/...suni-api-server/app/src/main/java/org/haedal/zzansuni/controller/auth/AuthController.java
@@ -12,6 +12,7 @@
 import org.springframework.data.util.Pair;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RestController;
 
 @Tag(name = "auth", description = "인증 관련 API")
@@ -44,6 +45,20 @@ public ApiResponse<AuthRes.LoginResponse> login(@RequestBody @Valid AuthReq.Emai
         return ApiResponse.success(response);
     }
 
+    @Operation(summary = "액세스 토큰 재발급", description = "리프레시 토큰을 이용하여 액세스 토큰을 재발급한다.")
+    @PostMapping("/api/auth/refresh")
+    public ApiResponse<AuthRes.AccessTokenResponse> refresh(
+            @RequestHeader("Authorization") String authorization
+    ) {
+        if(authorization == null || !authorization.startsWith("Bearer ")) {
+            throw new IllegalArgumentException("Bearer 토큰이 필요합니다.");
+        }
+        String rawToken = authorization.substring("Bearer ".length());
+        String accessToken = authService.reissueToken(rawToken);
+        var response = AuthRes.AccessTokenResponse.of(accessToken);
+        return ApiResponse.success(response);
+    }
+
     @Operation(summary = "로그아웃", description = "로그아웃한다.")
     @PostMapping("/api/auth/logout")
     public ApiResponse<Void> logout() {

diff --git a/zzansuni-api-server/app/src/main/java/org/haedal/zzansuni/controller/auth/AuthRes.java b/zzansuni-api-server/app/src/main/java/org/haedal/zzansuni/controller/auth/AuthRes.java
@@ -21,4 +21,15 @@ public static LoginResponse from(JwtToken jwtToken, UserModel userModel) {
                     .build();
         }
     }
+
+    @Builder
+    public record AccessTokenResponse(
+            String accessToken
+    ) {
+        public static AccessTokenResponse of(String accessToken) {
+            return AccessTokenResponse.builder()
+                    .accessToken(accessToken)
+                    .build();
+        }
+    }
 }
diff --git a/zzansuni-api-server/app/src/main/java/org/haedal/zzansuni/domain/auth/AuthService.java b/zzansuni-api-server/app/src/main/java/org/haedal/zzansuni/domain/auth/AuthService.java
@@ -100,4 +100,14 @@ public Pair<JwtToken, UserModel> login(String email, String password) {
         UserModel userModel = UserModel.from(user);
         return Pair.of(jwtToken, userModel);
     }
+
+    public String reissueToken(String rawToken) {
+        if(!jwtUtils.validateToken(rawToken)){
+            throw new IllegalArgumentException("RefreshToken이 유효하지 않습니다.");
+        }
+        JwtToken.ValidToken token = JwtToken.ValidToken.of(rawToken);
+        jwtUtils.reissueAccessToken(token);
+
+        return jwtUtils.reissueAccessToken(JwtToken.ValidToken.of(rawToken));
+    }
 }
diff --git a/zzansuni-api-server/app/src/main/resources/application.yml b/zzansuni-api-server/app/src/main/resources/application.yml
@@ -25,7 +25,7 @@ springdoc:
   default-consumes-media-type: application/json;charset=UTF-8
   default-produces-media-type: application/json;charset=UTF-8
 jwt:
-  secret: 4099a46b-39db-4860-a61b-2ae76ea24c43
+  secret: ${JWT_SECRET:4099a46b-39db-4860-a61b-2ae76ea24c43}
   access-token-expire-time: 1800000 # 30 minutes
   refresh-token-expire-time: 2592000000 # 30 days
 #cloud:
@@ -51,8 +51,6 @@ spring:
       hibernate:
         dialect: org.hibernate.dialect.MySQL8Dialect
   h2.console.enabled: false
-jwt:
-  secret: ${JWT_SECRET}
 kakao:
   client-id: c959f4526a0df321dff0a8636fec3428
   client-secret: ${KAKAO_CLIENT_SECRET}