Merge pull request #38 from ddglackrp/develop
[스프린트 4] 장진영 - Refresh Token을 활용한 사용자 경험 개선 기능 추가
ddglackrp authored Dec 4, 2024
2 parents c22405f + e657897 commit bcfe3c5
Showing 3 changed files with 17 additions and 8 deletions.
Expand Up @@ -56,7 +56,7 @@ public ResponseEntity<ApiResponse<?>> reissue(HttpServletRequest request, HttpSe

response.setHeader(AuthConstant.AUTHORIZATION, AuthConstant.BEARER + newAccess);
response.addCookie(CookieUtils.createCookie(AuthConstant.ACCESS_TOKEN, newAccess));
response.addCookie(CookieUtils.createCookie(AuthConstant.REFRESH_TOKEN, newRefresh));
response.addCookie(CookieUtils.createCookieWithHttpOnly(AuthConstant.REFRESH_TOKEN, newRefresh));

return ResponseEntity.status(HttpStatus.OK)
.contentType(MediaType.APPLICATION_JSON)
Expand Up @@ -48,13 +48,12 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo

Optional<RefreshToken> findRefreshToken = refreshTokenService.findRefreshToken(customUserDetails.getMember().getId());

String refreshToken = null;
String refreshToken = jwtUtil.generateRefreshToken(uuid, role);

if (findRefreshToken.isEmpty()) {
refreshToken = jwtUtil.generateRefreshToken(uuid, role);
refreshTokenService.addRefreshEntity(refreshToken, uuid, jwtUtil.getRefreshExpiredTime());
} else {
refreshToken = findRefreshToken.get().getToken();
refreshTokenService.renewalRefreshToken(findRefreshToken.get().getToken(), refreshToken, jwtUtil.getRefreshExpiredTime());
}

String accessToken = jwtUtil.generateAccessToken(uuid, role);
Expand All @@ -71,9 +70,9 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
}
}

private void setInformationInResponse(HttpServletResponse response, String accessToken, String refreshToken) throws IOException {
private void setInformationInResponse(HttpServletResponse response, String accessToken, String refreshToken) {
Cookie access = CookieUtils.createCookie(ACCESS_TOKEN, accessToken);
Cookie refresh = CookieUtils.createCookie(REFRESH_TOKEN, refreshToken);
Cookie refresh = CookieUtils.createCookieWithHttpOnly(REFRESH_TOKEN, refreshToken);

response.addCookie(access);
response.addCookie(refresh);
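Review bot: The lookup on the `findRefreshToken(...)` line and the write in the `if`/`else` below it are separate calls, so two logins for the same member arriving together can both see an empty result and each store a token, or overwrite each other's rotation. Unless the service already enforces one row per member (not visible here), a unique constraint plus a single transactional save-or-replace method would close that gap. Because a fresh token is now generated on every login, the `else` branch appears to retire whatever refresh token another device of the same member still holds; that is worth stating above the branch, e.g. `// Rotate on every login: a refresh token issued earlier to this member stops working.` onAuthenticationSuccess begins above the first hunk of this file.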
Expand Up @@ -11,16 +11,26 @@
@Slf4j
public class CookieUtils {

public static Cookie createCookie(String key, String value) {
public static Cookie createCookieWithHttpOnly(String key, String value) {
Cookie cookie = new Cookie(key, value);
cookie.setMaxAge(60 * 60);
//cookie.setSecure(true);
cookie.setSecure(true);
cookie.setPath("/");
cookie.setHttpOnly(true);

return cookie;
}

public static Cookie createCookie(String key, String value) {
Cookie cookie = new Cookie(key, value);
cookie.setMaxAge(60 * 60);
cookie.setSecure(true);
cookie.setPath("/");
cookie.setHttpOnly(false);

return cookie;
}

public static void clearCookie(HttpServletResponse response) {
Cookie cookie = new Cookie(REFRESH_TOKEN, null);
cookie.setMaxAge(0);
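Review bot: `createCookie` now sets `setHttpOnly(false)` explicitly, and the call sites in the other two files still use it for the access token, so that token stays readable by any script running on the page while only the refresh token is protected. If the front end does not need to read the cookie (the reissue handler also returns the token in the Authorization header), the access token can use `createCookieWithHttpOnly` as well; if it does need to, record that on the method, e.g. `// Script-readable by design: only for values the client must read from JavaScript.` Both factories hard-code `setMaxAge(60 * 60)` while the stored refresh token is given `jwtUtil.getRefreshExpiredTime()`, so the refresh cookie may expire in the browser on a different schedule than the server-side record; taking the max age as a parameter would keep the two aligned. Neither factory sets a SameSite attribute, which leaves cross-site sending of both cookies to browser defaults. The class, including `clearCookie`, continues past the end of this section.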