add: 토큰 발급시 클라에서 토큰 만료시간 설정하게끔 변경 + Exception 추가 (#18)
dong2ast authored Jul 7, 2023
1 parent fa079bb commit b82fcca
Showing 6 changed files with 24 additions and 14 deletions.
Expand Up @@ -27,6 +27,7 @@ public ApiResponseDto<MemberResponseDto> signup(@RequestBody MemberRequestDto me

@PostMapping("/login")
public ApiResponseDto<TokenDto> login(@RequestBody MemberLoginRequestDto memberLoginRequestDto) {
System.out.println(memberLoginRequestDto.getEmail() + memberLoginRequestDto.getAccessTokenExpiredTime());
return ApiResponseDto.success(SuccessStatus.LOGIN_SUCCESS, authService.login(memberLoginRequestDto));
}

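Review bot: The added `System.out.println(...)` in `login` writes every caller's email address to standard output, which puts personal data into whatever collects the process output and bypasses the logging framework's level and redaction controls. I would drop the line, or replace it with a debug-level logger call that omits the email. Separately, the parameter is declared as `@RequestBody MemberLoginRequestDto` with no `@Valid` visible in this hunk, so the constraint annotations this commit adds to the DTO would not be evaluated here unless validation is triggered elsewhere; `@Valid @RequestBody MemberLoginRequestDto memberLoginRequestDto` would enforce them.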
Expand Up @@ -3,15 +3,9 @@
import lombok.AccessLevel;
import lombok.Getter;
import lombok.NoArgsConstructor;
import org.sophy.sophy.domain.Authority;
import org.sophy.sophy.domain.Member;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.validation.constraints.Email;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Pattern;
import javax.validation.constraints.*;

@Getter
@NoArgsConstructor(access = AccessLevel.PRIVATE)
Expand All @@ -27,6 +21,11 @@ public class MemberLoginRequestDto {
)
private String password;

@NotEmpty(message = "accessToken 만료시간을 설정해주세요.")
private long accessTokenExpiredTime;
@NotEmpty(message = "refreshToken 만료시간을 설정해주세요.")
private long refreshTokenExpiredTime;

public UsernamePasswordAuthenticationToken toAuthentication() {
return new UsernamePasswordAuthenticationToken(email, password);
}
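Review bot: `@NotEmpty` is not a valid constraint for the numeric fields `accessTokenExpiredTime` and `refreshTokenExpiredTime`: Bean Validation defines it only for strings, collections, maps and arrays, so validating this DTO would typically raise `UnexpectedTypeException` instead of returning a clean 400, and the same applies to the `Long` fields added to `TokenRequestDto`. Because the fields here are primitive `long`, an omitted value also silently becomes 0 rather than being rejected. Declaring them as `Long` with `@NotNull @Positive` plus an `@Max` set to the longest lifetime the server is willing to grant would reject missing, non-positive and oversized values. The wildcard `javax.validation.constraints.*` import also hides which constraints the class relies on; explicit imports are clearer.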
Expand Up @@ -12,4 +12,9 @@ public class TokenRequestDto {
private String accessToken;
@NotEmpty(message = "Refresh 토큰을 입력해주세요")
private String refreshToken;

@NotEmpty(message = "accessToken 만료시간을 설정해주세요.")
private Long accessTokenExpiredTime;
@NotEmpty(message = "refreshToken 만료시간을 설정해주세요.")
private Long refreshTokenExpiredTime;
}
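--- a/src/main/java/org/sophy/sophy/jwt/JwtExceptionFilter.java
+++ b/src/main/java/org/sophy/sophy/jwt/JwtExceptionFilter.java
@@ -27,6 +27,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 filterChain.doFilter(request, response);
 } catch (JwtException exception) {
 setErrorResponse(HttpStatus.UNAUTHORIZED, response, exception);
+} catch (NullPointerException e) {
+response.setStatus(400);
+response.setContentType("application/json; charset=UTF-8");
+
+response.getWriter().write(objectMapper.writeValueAsString(ApiResponseDto.error(ErrorStatus.VALIDATION_EXCEPTION)));
 }
 }
 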
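Review bot: Catching `NullPointerException` around `filterChain.doFilter(request, response)` turns every NPE thrown anywhere downstream in the request into a 400 `VALIDATION_EXCEPTION`, so genuine server-side bugs are reported to the client as bad input and, since `e` is never logged, leave no trace for monitoring. The catch presumably targets a missing expiry value being unboxed in `AuthService.reissue`; rejecting that input through validation on the DTO is more precise than a filter-wide catch. If the branch stays, log the exception with the class's logger before responding, and use `HttpStatus.BAD_REQUEST.value()` rather than the literal `400` to match the `HttpStatus.UNAUTHORIZED` branch above it. `doFilterInternal` begins outside the hunk.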
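--- a/src/main/java/org/sophy/sophy/jwt/TokenProvider.java
+++ b/src/main/java/org/sophy/sophy/jwt/TokenProvider.java
@@ -26,11 +26,9 @@
 public class TokenProvider {
 private static final String AUTHORITIES_KEY = "auth";
 private static final String BEARER_TYPE = "Bearer";
-private static final long ACCESS_TOKEN_EXPIRE_TIME = 1000 * 10;
-// private static final long ACCESS_TOKEN_EXPIRE_TIME = 1000 * 60 * 30;
-private static final long REFRESH_TOKEN_EXPIRE_TIME = 1000 * 30;
-// private static final long REFRESH_TOKEN_EXPIRE_TIME = 1000 * 60 * 60 * 24 * 7;
 
+private static long ACCESS_TOKEN_EXPIRE_TIME;
+private static long REFRESH_TOKEN_EXPIRE_TIME;
 private final Key key;
 
 //빈 생성 때 key 값 세팅
@@ -44,12 +42,14 @@ public long getRefreshTokenExpireTime() {
 }
 
 //로그인 시
-public TokenDto generateTokenDto(Authentication authentication) {
+public TokenDto generateTokenDto(Authentication authentication, long accessTokenExpiredTime, long refreshTokenExpiredTime) {
 //권한들 가져오기
 String authorities = authentication.getAuthorities().stream()
 .map(GrantedAuthority::getAuthority)
 .collect(Collectors.joining(","));
 
+ACCESS_TOKEN_EXPIRE_TIME = accessTokenExpiredTime * 1000;
+REFRESH_TOKEN_EXPIRE_TIME = refreshTokenExpiredTime * 1000;
 long now = (new Date()).getTime();
 
 //Access Token 생성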
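Review bot: `ACCESS_TOKEN_EXPIRE_TIME` and `REFRESH_TOKEN_EXPIRE_TIME` are now mutable `static` fields assigned inside `generateTokenDto`, so two concurrent requests can overwrite each other's values between the assignment and any later read, and `getRefreshTokenExpireTime()` returns whichever request wrote last. That can give one user's token, or the stored refresh entry, a lifetime chosen by a different caller. Keep the values request-local, e.g. `long accessTtlMs = Math.multiplyExact(accessTokenExpiredTime, 1000L);`, and hand the refresh lifetime back to the caller instead of reading it from shared state. `Math.multiplyExact` also rejects the overflow that `accessTokenExpiredTime * 1000` would silently wrap for very large inputs. The body of `generateTokenDto` continues past the end of the hunk, so the reads of these fields are not visible here.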
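--- a/src/main/java/org/sophy/sophy/service/AuthService.java
+++ b/src/main/java/org/sophy/sophy/service/AuthService.java
@@ -63,7 +63,7 @@ public TokenDto login(MemberLoginRequestDto memberLoginRequestDto) {
 Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
 
 // 3. 인증 정보를 기반으로 JWT 토큰 생성
-TokenDto tokenDto = tokenProvider.generateTokenDto(authentication);
+TokenDto tokenDto = tokenProvider.generateTokenDto(authentication, memberLoginRequestDto.getAccessTokenExpiredTime(), memberLoginRequestDto.getRefreshTokenExpiredTime());
 
 // 4. RefreshToken 저장
 redisTemplate.opsForValue().set("RT:" + authentication.getName(),
@@ -91,7 +91,7 @@ public TokenDto reissue(TokenRequestDto tokenRequestDto){
 }
 
 // 5. 새로운 토큰 생성
-TokenDto tokenDto = tokenProvider.generateTokenDto(authentication);
+TokenDto tokenDto = tokenProvider.generateTokenDto(authentication, tokenRequestDto.getAccessTokenExpiredTime(), tokenRequestDto.getRefreshTokenExpiredTime());
 
 // 6. 저장소 정보 업데이트
 redisTemplate.opsForValue().set("RT:" + authentication.getName(),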
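Review bot: Both calls pass the client-supplied expiry values straight into `generateTokenDto` with no server-side ceiling, so the lifetime of access and refresh tokens is no longer a server policy, and in `reissue` whoever holds a refresh token can keep choosing a longer one. Clamp the requested values against a configured maximum before issuing, e.g. `long accessTtl = Math.min(memberLoginRequestDto.getAccessTokenExpiredTime(), maxAccessTtlSeconds);` (where `maxAccessTtlSeconds` is an illustrative name for a server-side setting), and consider fixing the refresh lifetime at login rather than accepting a new one on reissue. In `reissue` the getters presumably return `Long`, so a missing field would be unboxed into the `long` parameter and throw `NullPointerException`; an explicit null check before the call avoids that. Both methods extend beyond the hunks shown.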
