diff --git a/src/main/java/com/jobnote/domain/refreshtoken/repository/RefreshTokenRepository.java b/src/main/java/com/jobnote/domain/refreshtoken/repository/RefreshTokenRepository.java
index 3c9fb04..94d3e79 100644
--- a/src/main/java/com/jobnote/domain/refreshtoken/repository/RefreshTokenRepository.java
+++ b/src/main/java/com/jobnote/domain/refreshtoken/repository/RefreshTokenRepository.java
@@ -3,8 +3,11 @@
 import com.jobnote.domain.refreshtoken.domain.RefreshToken;
 import org.springframework.data.jpa.repository.JpaRepository;
+import java.util.Optional;
+
 public interface RefreshTokenRepository extends JpaRepository {
 boolean existsByToken(final String token);
 void deleteByToken(final String token);
+ Optional findByToken(final String token);
 }
diff --git a/src/main/java/com/jobnote/domain/user/controller/UserController.java b/src/main/java/com/jobnote/domain/user/controller/UserController.java
index d1faabc..d325c1c 100644
--- a/src/main/java/com/jobnote/domain/user/controller/UserController.java
+++ b/src/main/java/com/jobnote/domain/user/controller/UserController.java
@@ -62,8 +62,8 @@ public ResponseEntity> logout(final HttpServletRequest request
 /* TOKEN REISSUE */
 @PostMapping("/reissue")
- public ResponseEntity> tokenReissue(@LoginUser CustomUserDetails principal, final HttpServletRequest request, final HttpServletResponse response) {
- final Token token = authTokenService.reissue(principal.getUserId(), getValueFromCookie(request.getCookies(), COOKIE_NAME_REFRESH_TOKEN));
+ public ResponseEntity> tokenReissue(final HttpServletRequest request, final HttpServletResponse response) {
+ final Token token = authTokenService.reissue(getValueFromCookie(request.getCookies(), COOKIE_NAME_REFRESH_TOKEN));
 tokenProvider.responseToken(response, token);
 return ResponseEntity.ok(ApiResponse.ofSuccess(ResponseCode.OK));
 }
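Review bot: In `tokenReissue` (UserController.java) the refresh-token cookie is now the only input, and the missing-cookie case is not handled in the visible lines. `HttpServletRequest.getCookies()` returns null when a request carries no cookies, and with the principal parameter gone that is an ordinary request on this route; `getValueFromCookie` is defined outside the hunk, so whether it tolerates a null array or an absent name cannot be confirmed here. Make the absent-cookie path fail as an authentication error rather than as an exception further down, and state it on the method, e.g. `// refresh token is read only from the cookie; a missing cookie is rejected as NOT_FOUND_REFRESH_TOKEN`.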
diff --git a/src/main/java/com/jobnote/domain/user/service/AuthTokenService.java b/src/main/java/com/jobnote/domain/user/service/AuthTokenService.java
index c3eaff6..7e05f16 100644
--- a/src/main/java/com/jobnote/domain/user/service/AuthTokenService.java
+++ b/src/main/java/com/jobnote/domain/user/service/AuthTokenService.java
@@ -36,10 +36,13 @@ public Token saveAndGetToken(final Long userId) {
 }
 @Transactional
- public Token reissue(final Long userId, final String existingRefreshToken) {
+ public Token reissue(final String existingRefreshToken) {
 tokenProvider.validateRefreshToken(existingRefreshToken);
- invalidate(existingRefreshToken);
- return saveAndGetToken(userId);
+
+ final RefreshToken refreshToken = getRefreshTokenByToken(existingRefreshToken);
+ refreshTokenRepository.delete(refreshToken);
+
+ return saveAndGetToken(refreshToken.getUser().getId());
 }
 @Transactional
@@ -60,4 +63,9 @@ private void validateExistsRefreshToken(final String existingRefreshToken) {
 throw new JobNoteException(NOT_FOUND_REFRESH_TOKEN);
 }
 }
+
+ private RefreshToken getRefreshTokenByToken(final String token) {
+ return refreshTokenRepository.findByToken(token)
+ .orElseThrow(() -> new JobNoteException(NOT_FOUND_REFRESH_TOKEN));
+ }
 }
diff --git a/src/main/java/com/jobnote/global/common/Constants.java b/src/main/java/com/jobnote/global/common/Constants.java
index 7707d2d..ad0c264 100644
--- a/src/main/java/com/jobnote/global/common/Constants.java
+++ b/src/main/java/com/jobnote/global/common/Constants.java
@@ -25,6 +25,7 @@ public abstract class Constants {
 public static final String[] WHITELIST = {
 "/api/v1/users/signup/**",
 "/api/v1/users/login",
+ "/api/v1/users/reissue",
 "/api/v1/users/reset-password",
 "/api/v1/verification-emails/**",
 "/oauth2/**",
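Review bot: The read-then-delete in `reissue` (AuthTokenService.java, first hunk) leaves single use of a refresh token implicit. Two requests carrying the same token can both pass `findByToken` before either transaction commits, and what happens to the second one depends on how the persistence provider handles deleting an already-removed row, which the hunk does not show. Locking the row on read makes the guarantee explicit: put `@Lock(LockModeType.PESSIMISTIC_WRITE)` on `findByToken` in `RefreshTokenRepository`, so the later request finds nothing and fails with `NOT_FOUND_REFRESH_TOKEN`.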
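Review bot: `getRefreshTokenByToken` (AuthTokenService.java, second hunk) treats a token that is missing from the store like any other lookup failure. By then `reissue` has already passed the token through `tokenProvider.validateRefreshToken`, so, assuming that call checks signature and expiry, a miss most likely means an already rotated or logged-out token is being presented again. Record that as a security event before the `JobNoteException` is thrown, and consider revoking the user's remaining refresh tokens in that case. A comment such as `// valid but unknown token: possible replay of a rotated token` would make the intent clear.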
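Review bot: Adding `/api/v1/users/reissue` to `WHITELIST` (Constants.java) makes the refresh-token cookie the only credential on a state-changing POST, and nothing in this commit shows how that cookie is protected. Confirm that it is issued with `HttpOnly`, `Secure` and a `SameSite` value, or that CSRF protection stays enabled for this route, since a cross-site request could otherwise trigger a rotation. The same path is added to a second array in the next hunk (`@@ -38,6 +39,7 @@`), and both array literals start or end outside their hunks. A short comment on both entries, e.g. `// public: authenticated by refresh-token cookie only`, would keep the reason visible.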
@@ -38,6 +39,7 @@ public abstract class Constants {
 "/api/v1/users/signup",
 "/api/v1/users/signup/social",
 "/api/v1/users/login",
+ "/api/v1/users/reissue",
 "/api/v1/users/reset-password",
 "/api/v1/verification-emails",
 "/api/v1/verification-emails/signup/verify",