Merge pull request #89 from uju-in/LIME-165-change-refresh-token-storage

uju-in · Apr 13, 2024 · a7b0897 · a7b0897
2 parents 291f140 + 7933108
commit a7b0897
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 11 deletions.
diff --git a/lime-api/src/main/java/com/programmers/lime/domains/auth/application/OAuthUserService.java b/lime-api/src/main/java/com/programmers/lime/domains/auth/application/OAuthUserService.java
@@ -9,7 +9,7 @@
 import com.programmers.lime.domains.member.domain.vo.SocialType;
 import com.programmers.lime.domains.member.implementation.MemberAppender;
 import com.programmers.lime.domains.member.implementation.MemberReader;
-import com.programmers.lime.global.config.security.jwt.JwtService;
+import com.programmers.lime.global.config.security.SecurityManager;
 
 import lombok.RequiredArgsConstructor;
 
@@ -20,7 +20,7 @@ public class OAuthUserService {
 	private final KakaoOAuthClient kakaoOAuthClient;
 	private final MemberAppender memberAppender;
 	private final MemberReader memberReader;
-	private final JwtService jwtService;
+	private final SecurityManager securityManager;
 
 	@Transactional
 	public MemberLoginServiceResponse login(final String code) {
@@ -32,8 +32,8 @@ public MemberLoginServiceResponse login(final String code) {
 			SocialType.KAKAO
 		).orElseGet(() -> saveMember(response));
 
-		String accessToken = jwtService.generateAccessToken(String.valueOf(foundMember.getId()));
-		String refreshToken = jwtService.generateRefreshToken();
+		String accessToken = securityManager.generateAccessToken(foundMember.getId());
+		String refreshToken = securityManager.generateRefreshToken(foundMember.getId());
 
 		return MemberLoginServiceResponse.from(foundMember, accessToken, refreshToken);
 	}

diff --git a/lime-api/src/main/java/com/programmers/lime/global/config/security/SecurityManager.java b/lime-api/src/main/java/com/programmers/lime/global/config/security/SecurityManager.java
@@ -1,11 +1,11 @@
 package com.programmers.lime.global.config.security;
 
-import org.springframework.cache.CacheManager;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.stereotype.Component;
 
 import com.programmers.lime.global.config.security.jwt.JwtService;
+import com.programmers.lime.redis.token.RefreshTokenManager;
 
 import io.jsonwebtoken.JwtException;
 import lombok.RequiredArgsConstructor;
@@ -14,11 +14,9 @@
 @RequiredArgsConstructor
 public class SecurityManager {
 
-	public static final String REFRESH_TOKEN_CACHE = "refreshToken";
-
 	private final JwtService jwtService;
 	private final AuthenticationManager authenticationManager;
-	private final CacheManager cacheManager;
+	private final RefreshTokenManager refreshTokenManager;
 
 	public void authenticate(
 		final Long memberId,
@@ -36,20 +34,24 @@ public String generateAccessToken(final Long memberId) {
 
 	public String generateRefreshToken(final Long memberId) {
 		final String refreshToken = jwtService.generateRefreshToken();
-		cacheManager.getCache(REFRESH_TOKEN_CACHE).put(refreshToken, memberId);
+		refreshTokenManager.addRefreshToken(refreshToken, memberId);
 
 		return refreshToken;
 	}
 
 	public void removeRefreshToken(final String refreshToken) {
-		cacheManager.getCache(REFRESH_TOKEN_CACHE).evict(refreshToken);
+		refreshTokenManager.deleteRefreshToken(refreshToken);
 	}
 
 	public String reissueAccessToken(final String refreshToken, final String authorizationHeader) {
 		final String accessToken = authorizationHeader.substring(7);
 
 		if (jwtService.isRefreshValidAndAccessInValid(refreshToken, accessToken)) {
-			final Long memberId = cacheManager.getCache(REFRESH_TOKEN_CACHE).get(refreshToken, Long.class);
+			final Long memberId = refreshTokenManager.getMemberId(refreshToken);
+
+			if (memberId == null) {
+				throw new JwtException("Refresh Token이 유효하지 않습니다.");
+			}
 
 			return generateAccessToken(memberId);
 		}

diff --git a/lime-infrastructure/src/main/java/com/programmers/lime/redis/token/RefreshTokenManager.java b/lime-infrastructure/src/main/java/com/programmers/lime/redis/token/RefreshTokenManager.java
@@ -0,0 +1,35 @@
+package com.programmers.lime.redis.token;
+
+import java.util.concurrent.TimeUnit;
+
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.stereotype.Component;
+
+import lombok.RequiredArgsConstructor;
+
+@Component
+@RequiredArgsConstructor
+public class RefreshTokenManager {
+
+	public static final int EXPIRE_TIME = 1209600;
+	public static final String key = "REFRESH_TOKEN_";
+	private final RedisTemplate<String, Object> redisTemplate;
+
+	public void addRefreshToken(
+		final String refreshToken,
+		final Long memberId
+	) {
+		redisTemplate.opsForValue().set(key + refreshToken, memberId);
+		redisTemplate.expire(key + refreshToken, EXPIRE_TIME, TimeUnit.SECONDS);
+	}
+
+	public Long getMemberId(final String refreshToken) {
+		Object memberId = redisTemplate.opsForValue().get(key + refreshToken);
+
+		return memberId == null ? null : ((Integer) memberId).longValue();
+	}
+
+	public void deleteRefreshToken(final String refreshToken) {
+		redisTemplate.delete(key + refreshToken);
+	}
+}