refactor: 리프레시토큰 userId 구분

BCSDLab · Jan 11, 2024 · f03034f · f03034f
1 parent 52499bc
commit f03034f
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/src/main/java/in/koreatech/koin/domain/user/service/UserService.java b/src/main/java/in/koreatech/koin/domain/user/service/UserService.java
@@ -1,6 +1,7 @@
 package in.koreatech.koin.domain.user.service;
 
 import in.koreatech.koin.domain.auth.JwtProvider;
+import in.koreatech.koin.domain.auth.exception.AuthException;
 import in.koreatech.koin.domain.user.dto.UserLoginRequest;
 import in.koreatech.koin.domain.user.dto.UserLoginResponse;
 import in.koreatech.koin.domain.user.dto.UserTokenRefreshRequest;
@@ -36,7 +37,7 @@ public UserLoginResponse login(UserLoginRequest request) {
         }
 
         String accessToken = jwtProvider.createToken(user);
-        String refreshToken = String.format("%s%d", UUID.randomUUID(), user.getId());
+        String refreshToken = String.format("%s-%d", UUID.randomUUID(), user.getId());
         UserToken savedToken = userTokenRepository.save(UserToken.create(user.getId(), refreshToken));
         user.updateLastLoggedTime(LocalDateTime.now());
         User saved = userRepository.save(user);
@@ -50,7 +51,8 @@ public void logout(User user) {
     }
 
     public UserTokenRefreshResponse refresh(UserTokenRefreshRequest request) {
-        UserToken userToken = userTokenRepository.findByRefreshToken(request.refreshToken())
+        String userId = getUserId(request.refreshToken());
+        UserToken userToken = userTokenRepository.findById(Long.parseLong(userId))
             .orElseThrow(() -> new IllegalArgumentException("refresh token이 존재하지 않습니다. request: " + request));
         if (!Objects.equals(userToken.getRefreshToken(), request.refreshToken())) {
             throw new IllegalArgumentException("refresh token이 일치하지 않습니다. request: " + request);
@@ -60,4 +62,12 @@ public UserTokenRefreshResponse refresh(UserTokenRefreshRequest request) {
         String accessToken = jwtProvider.createToken(user);
         return UserTokenRefreshResponse.of(accessToken, userToken.getRefreshToken());
     }
+
+    private static String getUserId(String refreshToken) {
+        String[] split = refreshToken.split("-");
+        if (split.length == 0) {
+            throw new AuthException("올바르지 않은 인증 토큰입니다. refreshToken: " + refreshToken);
+        }
+        return split[split.length - 1];
+    }
 }
diff --git a/src/test/java/in/koreatech/koin/acceptance/AuthApiTest.java b/src/test/java/in/koreatech/koin/acceptance/AuthApiTest.java
@@ -165,7 +165,6 @@ void userRefreshToken() {
         RestAssured
             .given()
             .log().all()
-            .header("Authorization", "BEARER " + response.jsonPath().getString("token"))
             .body(
                 Map.of("refresh_token", response.jsonPath().getString("refresh_token"))
             )