refactor: redis - refresh token 적용

tukcomCD2024 · Mar 25, 2024 · 73bcf2b · 73bcf2b
1 parent 5e467b7
commit 73bcf2b
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 21 deletions.
diff --git a/backend/core/src/main/java/com/rollthedice/backend/domain/member/service/MemberService.java b/backend/core/src/main/java/com/rollthedice/backend/domain/member/service/MemberService.java
@@ -3,6 +3,10 @@
 import com.rollthedice.backend.domain.member.dto.SignUpDto;
 import com.rollthedice.backend.domain.member.entity.Member;
 import com.rollthedice.backend.domain.member.query.AuthService;
+import com.rollthedice.backend.global.jwt.refresh.service.RefreshTokenService;
+import com.rollthedice.backend.global.jwt.service.JwtService;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -11,10 +15,18 @@
 @Service
 public class MemberService {
     private final AuthService authService;
+    private final RefreshTokenService refreshTokenService;
+    private final JwtService jwtService;
+    private final HttpServletRequest request;
+    private final HttpServletResponse response;
 
     @Transactional
     public void signUp(SignUpDto dto) {
         Member member = authService.getMember();
         member.signUp(dto.getNickname());
+
+        String refreshToken = jwtService.createRefreshToken();
+        jwtService.setRefreshTokenHeader(response, refreshToken);
+        refreshTokenService.updateToken(member.getEmail(), refreshToken);
     }
 }
diff --git a/...ain/java/com/rollthedice/backend/global/jwt/filter/JwtAuthenticationProcessingFilter.java b/...ain/java/com/rollthedice/backend/global/jwt/filter/JwtAuthenticationProcessingFilter.java
@@ -2,6 +2,8 @@
 
 import com.rollthedice.backend.domain.member.entity.Member;
 import com.rollthedice.backend.domain.member.repository.MemberRepository;
+import com.rollthedice.backend.global.jwt.refresh.domain.RefreshToken;
+import com.rollthedice.backend.global.jwt.refresh.service.RefreshTokenService;
 import com.rollthedice.backend.global.jwt.service.JwtService;
 import com.rollthedice.backend.global.jwt.util.PasswordUtil;
 import jakarta.servlet.FilterChain;
@@ -27,14 +29,16 @@ public class JwtAuthenticationProcessingFilter extends OncePerRequestFilter {
     private static final String NO_CHECK_URL = "/login";
 
     private final JwtService jwtService;
+    private final RefreshTokenService refreshTokenService;
     private final MemberRepository memberRepository;
 
     private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
 
     @Override
-    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
+                                    FilterChain filterChain) throws ServletException, IOException {
         if (request.getRequestURI().equals(NO_CHECK_URL)) {
-            filterChain.doFilter(request, response);  // "/login" 요청이 들어오면, 다음 필터 호출
+            filterChain.doFilter(request, response);
             return;
         }
         String refreshToken = jwtService.extractRefreshToken(request)
@@ -46,29 +50,26 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             return;
         }
 
-        if (refreshToken == null) {
-            log.info("refresh token is null");
-            checkAccessTokenAndAuthentication(request, response, filterChain);
-        }
+        log.info("refresh token is null");
+        checkAccessTokenAndAuthentication(request, response, filterChain);
     }
 
     public void checkRefreshTokenAndReIssueAccessToken(HttpServletResponse response, String refreshToken) {
-        memberRepository.findByRefreshToken(refreshToken)
-                .ifPresent(member -> {
-                    String reIssueRefreshToken = reIssueRefreshToken(member);
-                    jwtService.sendAccessAndRefreshToken(response, jwtService.createAccessToken(member.getEmail()),
-                            reIssueRefreshToken);
-                });
+        RefreshToken refresh = refreshTokenService.findByToken(refreshToken);
+        String reIssuedRefreshToken = reIssueRefreshToken(refresh.getEmail());
+        jwtService.sendAccessAndRefreshToken(response,
+                jwtService.createAccessToken(refresh.getEmail()), reIssuedRefreshToken);
     }
 
-    private String reIssueRefreshToken(Member member) {
+    private String reIssueRefreshToken(String email) {
         String reIssuedRefreshToken = jwtService.createRefreshToken();
-        member.updateRefreshToken(reIssuedRefreshToken);
-        memberRepository.saveAndFlush(member);
+
+        refreshTokenService.updateToken(email, reIssuedRefreshToken);
         return reIssuedRefreshToken;
     }
 
-    private void checkAccessTokenAndAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+    private void checkAccessTokenAndAuthentication(HttpServletRequest request, HttpServletResponse response,
+        FilterChain filterChain) throws ServletException, IOException {
         jwtService.extractAccessToken(request)
                 .filter(jwtService::isTokenValid)
                 .ifPresent(accessToken -> jwtService.extractEmail(accessToken)

diff --git a/backend/core/src/main/java/com/rollthedice/backend/global/jwt/service/JwtService.java b/backend/core/src/main/java/com/rollthedice/backend/global/jwt/service/JwtService.java
@@ -3,6 +3,7 @@
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.algorithms.Algorithm;
 import com.rollthedice.backend.domain.member.repository.MemberRepository;
+import com.rollthedice.backend.global.jwt.refresh.service.RefreshTokenService;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.Getter;
@@ -42,6 +43,7 @@ public class JwtService {
     private static final String BEARER = "Bearer ";
 
     private final MemberRepository memberRepository;
+    private final RefreshTokenService refreshTokenService;
 
     public String createAccessToken(String email) {
         Date now = new Date();
@@ -98,11 +100,7 @@ public Optional<String> extractEmail(String accessToken) {
 
     @Transactional
     public void updateRefreshToken(String email, String refreshToken) {
-        memberRepository.findByEmail(email)
-                .ifPresentOrElse(
-                        member -> member.updateRefreshToken(refreshToken),
-                        () -> new Exception("일치하는 회원이 없습니다.")
-                );
+        refreshTokenService.updateToken(email, refreshToken);
     }
 
     public boolean isTokenValid(String token) {
@@ -114,6 +112,10 @@ public boolean isTokenValid(String token) {
             return false;
         }
     }
+
+    public void setRefreshTokenHeader(HttpServletResponse response, String refreshToken) {
+        response.setHeader(refreshHeader, BEARER + refreshToken);
+    }
 }