diff --git a/security-core/src/main/java/org/fycd/bigdata/config/jwt/AuthEntryPointJwt.java b/security-core/src/main/java/org/fycd/bigdata/config/jwt/AuthEntryPointJwt.java
index 8df83d6..a8f632a 100644
--- a/security-core/src/main/java/org/fycd/bigdata/config/jwt/AuthEntryPointJwt.java
+++ b/security-core/src/main/java/org/fycd/bigdata/config/jwt/AuthEntryPointJwt.java
@@ -19,7 +19,7 @@ public class AuthEntryPointJwt implements AuthenticationEntryPoint {
 @Override public void commence(HttpServletRequest request, HttpServletResponse response, org.springframework.security.core.AuthenticationException authException) throws IOException, ServletException {
- log.error("Unauthorized error: {}", authException.getMessage());
+// log.error("未授權的請求: {}", authException.getMessage());
 response.setContentType(MediaType.APPLICATION_JSON_VALUE);
 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
diff --git a/security-core/src/main/java/org/fycd/bigdata/exception/TokenRefreshException.java b/security-core/src/main/java/org/fycd/bigdata/exception/TokenRefreshException.java
new file mode 100644
index 0000000..f38637e
--- /dev/null
+++ b/security-core/src/main/java/org/fycd/bigdata/exception/TokenRefreshException.java
@@ -0,0 +1,13 @@
+package org.fycd.bigdata.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+import java.text.MessageFormat;
+
+@ResponseStatus(HttpStatus.FORBIDDEN)
+public class TokenRefreshException extends RuntimeException{
+ public TokenRefreshException(String token, String message) {
+ super(MessageFormat.format("Failed for {0}: {1}", token, message));
+ }
+}
diff --git a/security-core/src/main/java/org/fycd/bigdata/repository/dao/RefreshTokenDaoSub.java b/security-core/src/main/java/org/fycd/bigdata/repository/dao/RefreshTokenDaoSub.java
index b37fbf0..5765240 100644
--- a/security-core/src/main/java/org/fycd/bigdata/repository/dao/RefreshTokenDaoSub.java
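Review bot: Commenting out the `log.error` call in `AuthEntryPointJwt.commence` leaves rejected authentication attempts with no server-side record, which removes the signal that monitoring would use to notice repeated or replayed invalid tokens. Rather than leaving dead code in place, keep the event at a lower level, for example `log.warn("Unauthorized request: {}", authException.getMessage());`. The rest of `commence` lies outside the hunk, so the response body it writes could not be checked here.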
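Review bot: The constructor of `TokenRefreshException` formats the raw refresh token into the exception message (`"Failed for {0}: {1}"`), so a bearer credential ends up wherever that message goes: stack traces, log files, and possibly the 403 response body if error messages are exposed to clients. Keep the token out of the message, e.g. `super(MessageFormat.format("Refresh token rejected: {0}", message));`, and log a truncated or hashed identifier separately if correlation is needed. The two-argument signature can stay so that callers do not have to change.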
+++ b/security-core/src/main/java/org/fycd/bigdata/repository/dao/RefreshTokenDaoSub.java
@@ -1,11 +1,25 @@
 package org.fycd.bigdata.repository.dao;
 import org.fycd.bigdata.pojo.RefreshTokenSub;
+import org.fycd.bigdata.pojo.UserSub;
 import org.springframework.stereotype.Repository;
+import java.util.Optional;
+
 @Repository public class RefreshTokenDaoSub {
- public RefreshTokenSub findByToken(String token) {
- return new RefreshTokenSub();
+ public Optional findByToken(String token) {
+ return Optional.of(new RefreshTokenSub());
+ }
+
+ public void delete(RefreshTokenSub token) {
+
+ }
+
+ public void save(RefreshTokenSub token) {
+ }
+
+ public int deleteByUser(UserSub userSub) {
+ return 1;
 }
 }
diff --git a/security-core/src/main/java/org/fycd/bigdata/repository/dao/UserDaoSub.java b/security-core/src/main/java/org/fycd/bigdata/repository/dao/UserDaoSub.java
index 34a333c..ce2a370 100644
--- a/security-core/src/main/java/org/fycd/bigdata/repository/dao/UserDaoSub.java
+++ b/security-core/src/main/java/org/fycd/bigdata/repository/dao/UserDaoSub.java
@@ -10,4 +10,8 @@ public class UserDaoSub {
 public Optional findByUsername (String username) {
 return Optional.of(new UserSub());
 }
+
+ public Optional findById (Long id) {
+ return Optional.of(new UserSub());
+ }
 }
diff --git a/security-core/src/main/java/org/fycd/bigdata/service/RefreshTokenService.java b/security-core/src/main/java/org/fycd/bigdata/service/RefreshTokenService.java
new file mode 100644
index 0000000..bd281e5
--- /dev/null
+++ b/security-core/src/main/java/org/fycd/bigdata/service/RefreshTokenService.java
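Review bot: `RefreshTokenDaoSub.findByToken` returns `Optional.of(new RefreshTokenSub())` for every input, so any string presented as a refresh token is reported as found and a caller's not-found branch can never run; `UserDaoSub.findById` in the following file has the same shape. If these are placeholders, make them fail closed by returning `Optional.empty()` and mark them with a comment such as `// TODO: replace stub with real persistence` so they are not mistaken for working lookups. The return type also appears as a raw `Optional` (the type argument may have been lost when the page was rendered); it should read `Optional<RefreshTokenSub>`. `delete`, `save` and `deleteByUser` are empty or constant as well and deserve the same comment.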
@@ -0,0 +1,53 @@
+package org.fycd.bigdata.service;
+
+import lombok.RequiredArgsConstructor;
+import org.fycd.bigdata.exception.TokenRefreshException;
+import org.fycd.bigdata.pojo.RefreshTokenSub;
+import org.fycd.bigdata.repository.dao.RefreshTokenDaoSub;
+import org.fycd.bigdata.repository.dao.UserDaoSub;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.time.LocalDateTime;
+import java.util.Optional;
+import java.util.UUID;
+
+@Service
+@RequiredArgsConstructor
+public class RefreshTokenService {
+ @Value("${app.security.jwtExpiration")
+ private Long refreshTokenDuration;
+
+ private final UserDaoSub userDao;
+ private final RefreshTokenDaoSub refreshTokenDao;
+
+ public Optional findByToken(String token) {
+ return refreshTokenDao.findByToken(token);
+ }
+
+ public RefreshTokenSub createRefreshToken(Long userId) {
+ RefreshTokenSub refreshToken = new RefreshTokenSub();
+
+ refreshToken.setUser(userDao.findById(userId).get());
+ refreshToken.setExpiryDate(LocalDateTime.now().plusSeconds(refreshTokenDuration));
+ refreshToken.setToken(UUID.randomUUID().toString());
+
+ refreshTokenDao.save(refreshToken);
+ return refreshToken;
+ }
+
+ public RefreshTokenSub verifyExpiration(RefreshTokenSub token) {
+ if (token.getExpiryDate().compareTo(LocalDateTime.now()) < 0) {
+ refreshTokenDao.delete(token);
+ throw new TokenRefreshException(token.getToken(), "Refresh Token 已過期");
+ }
+
+ return token;
+ }
+
+ @Transactional
+ public int deleteByUserId(Long userId) {
+ return refreshTokenDao.deleteByUser(userDao.findById(userId).get());
+ }
+}
diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml
index 44e95ff..1ae69ee 100644
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
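Review bot: The `@Value("${app.security.jwtExpiration")` placeholder on `refreshTokenDuration` in `RefreshTokenService` is missing its closing brace, so the property is not resolved and binding the literal string to a `Long` will most likely fail at startup; it should be `@Value("${app.security.jwtExpiration}")`. The configured value is 86400000, which was named `jwtExpirationMs` before this commit, yet `createRefreshToken` adds it with `plusSeconds`, giving refresh tokens a lifetime of roughly 1000 days instead of one day; use `LocalDateTime.now().plus(refreshTokenDuration, ChronoUnit.MILLIS)` or store seconds under a dedicated refresh-token key. Both `createRefreshToken` and `deleteByUserId` call `userDao.findById(userId).get()` without checking for absence, so `orElseThrow` with a meaningful exception would be safer. `verifyExpiration` also passes `token.getToken()` into `TokenRefreshException`, which places the token value in the exception message.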
@@ -1,4 +1,4 @@
 app:
 security:
 jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe
- jwtExpirationMs: 86400000
\ No newline at end of file
+ jwtExpiration: 86400000
\ No newline at end of file
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
index 44e95ff..1ae69ee 100644
--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@@ -1,4 +1,4 @@
 app:
 security:
 jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe
- jwtExpirationMs: 86400000
\ No newline at end of file
+ jwtExpiration: 86400000
\ No newline at end of file
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 8b33e06..caf4dfc 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -1,7 +1,3 @@
 spring:
 profiles:
- active: dev
-app:
- security:
- jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe
- jwtExpirationMs: 86400000
\ No newline at end of file
+ active: dev
\ No newline at end of file
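Review bot: `jwtSecret` remains committed in plaintext in `application-dev.yml`, and the `application-prod.yml` hunk carries the identical value, so the production signing key is readable by anyone with repository access and is shared with the development profile. Load it from the environment instead, e.g. `jwtSecret: ${JWT_SECRET}`, use a different key per profile, and rotate the current one since it is already in history. The renamed `jwtExpiration` key also drops the unit from its name while keeping the value 86400000; a name such as `jwtExpirationMs` or a comment stating the unit would prevent it from being read as seconds.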