Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[#29] refresh token 재발급 API 추가 #30

Merged
merged 2 commits into from
Sep 2, 2024
Merged

[#29] refresh token 재발급 API 추가 #30

merged 2 commits into from
Sep 2, 2024

Conversation

youngreal
Copy link
Member

@youngreal youngreal commented Sep 2, 2024
edited
Loading

@youngreal youngreal added the enhancement New feature or request label Sep 2, 2024
@youngreal youngreal requested a review from min-0 September 2, 2024 03:08
@youngreal youngreal self-assigned this Sep 2, 2024
@youngreal youngreal linked an issue Sep 2, 2024 that may be closed by this pull request
refresh token 재발급 API #29
Closed
@min-0
Copy link
Member

min-0 commented Sep 2, 2024

올려주신 링크가 로그인을 안하면 확인을 할 수가 없는 것 같은데, 이 아래 이미지와 같은건가용 ?
아니라면 혹시 캡쳐 등으로 미리보기 가능할까요 ~?

image

@youngreal
Copy link
Member Author

올려주신 링크가 로그인을 안하면 확인을 할 수가 없는 것 같은데, 이 아래 이미지와 같은건가용 ? 아니라면 혹시 캡쳐 등으로 미리보기 가능할까요 ~?

image

넵 그 이미지 맞습니다 편집권한은 구글로그인 해야될거에요

min-0
min-0 reviewed Sep 2, 2024
View reviewed changes
src/main/java/com/dnd/dndtravel/auth/service/JwtTokenService.java
Comment on lines +40 to +44
//RTR
refreshTokenRepository.delete(refreshToken);
String newRefreshToken = jwtProvider.refreshToken();
refreshTokenRepository.save(RefreshToken.of(refreshToken.getMemberId(), newRefreshToken));
return new ReissueTokenResponse(jwtProvider.accessToken(refreshToken.getMemberId()), newRefreshToken);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Refresh Token Rotation전략이 해당 부분 리프레시 토큰 요청 시 기존 토큰을 폐기하고, 새 토큰을 클라이언트에 발급하는 것이군용
뭔가 간단한 논리인데 토큰 탈취를 막고 보안성을 높일 수 있다는 것이 신기함니당

min-0
min-0 approved these changes Sep 2, 2024
View reviewed changes
Copy link
Member

@min-0 min-0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rtr전략! 하나 배워가네용 고생하셨습니다!!

@youngreal youngreal merged commit 3fc3289 into main Sep 2, 2024
1 check passed
@youngreal youngreal deleted the feat/#29 branch September 10, 2024 18:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@min-0 min-0 min-0 approved these changes

Assignees

@youngreal youngreal

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

refresh token 재발급 API
2 participants
@youngreal @min-0