From cf5c0288b21a5169e72719a5745201e7b0e2157e Mon Sep 17 00:00:00 2001
From: jongmee
Date: Fri, 30 Aug 2024 18:46:11 +0900
Subject: [PATCH 1/3] =?UTF-8?q?fix:=20=EC=A7=80=EC=9B=90=20=EC=83=81?= =?UTF-8?q?=ED=83=9C=20=EC=A1=B0=ED=9A=8C=20api=20response=20body=EC=97=90?= =?UTF-8?q?=20=EB=AA=A8=EC=A7=91=20=EA=B3=B5=EA=B3=A0=20=EC=BD=94=EB=93=9C?= =?UTF-8?q?=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../crews/recruitment/application/RecruitmentService.java | 3 ++-
 .../dto/response/RecruitmentStateInProgressResponse.java | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/server/crews/recruitment/application/RecruitmentService.java b/src/main/java/com/server/crews/recruitment/application/RecruitmentService.java
index aa899ce8..e7829477 100644
--- a/src/main/java/com/server/crews/recruitment/application/RecruitmentService.java
+++ b/src/main/java/com/server/crews/recruitment/application/RecruitmentService.java
@@ -74,7 +74,8 @@ public RecruitmentStateInProgressResponse findRecruitmentStateInProgress(Long pu
 Recruitment recruitment = recruitmentRepository.findByPublisher(publisherId)
 .orElseThrow(() -> new CrewsException(ErrorCode.RECRUITMENT_NOT_FOUND));
 int applicationCount = applicationRepository.countAllByRecruitment(recruitment);
- return new RecruitmentStateInProgressResponse(applicationCount, recruitment.getDeadline());
+ return new RecruitmentStateInProgressResponse(applicationCount, recruitment.getDeadline(),
+ recruitment.getCode());
 }
 public Optional findRecruitmentDetailsInReady(Long publisherId) {
diff --git a/src/main/java/com/server/crews/recruitment/dto/response/RecruitmentStateInProgressResponse.java b/src/main/java/com/server/crews/recruitment/dto/response/RecruitmentStateInProgressResponse.java
index 55476353..043521f5 100644
--- a/src/main/java/com/server/crews/recruitment/dto/response/RecruitmentStateInProgressResponse.java
+++ b/src/main/java/com/server/crews/recruitment/dto/response/RecruitmentStateInProgressResponse.java
@@ -2,5 +2,5 @@
 import java.time.LocalDateTime;
-public record RecruitmentStateInProgressResponse(int applicationCount, LocalDateTime deadline) {
+public record RecruitmentStateInProgressResponse(int applicationCount, LocalDateTime deadline, String code) {
 }
From fe289251ca1b2c40512edec839e5073815fcd49d Mon Sep 17 00:00:00 2001
From: jongmee
Date: Fri, 30 Aug 2024 18:47:27 +0900
Subject: [PATCH 2/3] =?UTF-8?q?chore:=20=EC=9A=B4=EC=98=81=20db=20ddl-auto?= =?UTF-8?q?=20none=EC=9C=BC=EB=A1=9C=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/resources/config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/main/resources/config b/src/main/resources/config
index f63f6837..38064ac5 160000
--- a/src/main/resources/config
+++ b/src/main/resources/config
@@ -1 +1 @@
-Subproject commit f63f6837af49512c769443470e9629e521156699
+Subproject commit 38064ac5e275c136047f0416d099c38eff000d56
From 55fa3dc71b1b57665113a2b0c73a161381ed3727 Mon Sep 17 00:00:00 2001
From: jongmee
Date: Fri, 30 Aug 2024 20:16:33 +0900
Subject: [PATCH 3/3] =?UTF-8?q?fix:=20=EB=A6=AC=ED=94=84=EB=A0=88=EC=8B=9C?= =?UTF-8?q?=20=ED=86=A0=ED=81=B0=20=EB=B0=9C=EA=B8=89=20=EA=B3=BC=EC=A0=95?= =?UTF-8?q?=20=EB=B3=80=EA=B2=BD=20(=EC=A0=80=EC=9E=A5=EB=90=98=EB=8A=94?= =?UTF-8?q?=20=EB=8D=B0=EC=9D=B4=ED=84=B0=EB=8F=84=20=EB=B3=80=EA=B2=BD)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../crews/auth/application/AuthService.java | 4 ++--
 .../auth/application/RefreshTokenService.java | 19 ++++++++++-------
 .../crews/auth/domain/RefreshToken.java | 21 ++++++++++---------
 .../auth/dto/response/AdminLoginResponse.java | 2 +-
 .../dto/response/ApplicantLoginResponse.java | 2 +-
 .../auth/presentation/AuthController.java | 4 ++--
 .../repository/RefreshTokenRepository.java | 4 ++--
 .../crews/global/exception/ErrorCode.java | 1 +
 .../auth/application/AuthServiceTest.java | 8 +++----
 9 files changed, 35 insertions(+), 30 deletions(-)
diff --git a/src/main/java/com/server/crews/auth/application/AuthService.java b/src/main/java/com/server/crews/auth/application/AuthService.java
index 8977e451..3045eaa5 100644
--- a/src/main/java/com/server/crews/auth/application/AuthService.java
+++ b/src/main/java/com/server/crews/auth/application/AuthService.java
@@ -31,7 +31,7 @@ public AdminLoginResponse loginForAdmin(AdminLoginRequest request) {
 Administrator administrator = administratorRepository.findByClubName(clubName)
 .orElseGet(() -> createAdmin(clubName, password));
 String accessToken = jwtTokenProvider.createAccessToken(Role.ADMIN, clubName);
- return new AdminLoginResponse(administrator.getId(), accessToken);
+ return new AdminLoginResponse(administrator.getClubName(), accessToken);
 }
 private Administrator createAdmin(String clubName, String password) {
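Review bot: In `loginForAdmin` the visible lines go from `findByClubName(clubName).orElseGet(() -> createAdmin(clubName, password))` straight to `createAccessToken`, so as far as this hunk shows the submitted password is not compared with the stored one when the club already exists; `loginForApplicant` in the next hunk has the same shape with `findByEmail`. The first lines of the method are outside the hunk, but a check on an existing account cannot run before the lookup, so this reads as a missing verification rather than one that is merely out of view. Separate the two paths: create the account only when the lookup is empty, and for a hit verify the password before the response is built, for example `if (!administrator.matchesPassword(password)) { throw new CrewsException(ErrorCode.UNAUTHORIZED_USER); }`, where `matchesPassword` is a new method that checks against the stored credential. A test that logs in to an existing account with a wrong password and expects the exception would pin this down.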
@@ -47,7 +47,7 @@ public ApplicantLoginResponse loginForApplicant(ApplicantLoginRequest request) {
 Applicant applicant = applicantRepository.findByEmail(email)
 .orElseGet(() -> createApplicant(email, password));
 String accessToken = jwtTokenProvider.createAccessToken(Role.APPLICANT, email);
- return new ApplicantLoginResponse(applicant.getId(), accessToken);
+ return new ApplicantLoginResponse(applicant.getEmail(), accessToken);
 }
 private Applicant createApplicant(String email, String password) {
diff --git a/src/main/java/com/server/crews/auth/application/RefreshTokenService.java b/src/main/java/com/server/crews/auth/application/RefreshTokenService.java
index 33b0bc99..1b081d9d 100644
--- a/src/main/java/com/server/crews/auth/application/RefreshTokenService.java
+++ b/src/main/java/com/server/crews/auth/application/RefreshTokenService.java
@@ -27,21 +27,24 @@ public RefreshTokenService(JwtTokenProvider jwtTokenProvider, RefreshTokenReposi
 }
 @Transactional
- public RefreshTokenWithValidity createRefreshToken(Role role, Long id) {
- String refreshToken = jwtTokenProvider.createRefreshToken(role, String.valueOf(id));
- refreshTokenRepository.deleteByOwnerId(id);
- refreshTokenRepository.save(new RefreshToken(refreshToken, id));
+ public RefreshTokenWithValidity createRefreshToken(Role role, String username) {
+ String refreshToken = jwtTokenProvider.createRefreshToken(role, username);
+ refreshTokenRepository.deleteByUsername(username);
+ refreshTokenRepository.save(new RefreshToken(username, refreshToken));
 return new RefreshTokenWithValidity(refreshTokenValidityInSecond, refreshToken);
 }
 public TokenRefreshResponse renew(String refreshToken) {
 jwtTokenProvider.validateRefreshToken(refreshToken);
- refreshTokenRepository.findByToken(refreshToken)
- .orElseThrow(() -> new CrewsException(ErrorCode.INVALID_REFRESH_TOKEN));
+ String username = jwtTokenProvider.getPayload(refreshToken);
+ RefreshToken savedRefreshToken = refreshTokenRepository.findByUsername(username)
+ .orElseThrow(() -> new CrewsException(ErrorCode.REFRESH_TOKEN_NOT_FOUND));
+ if (!savedRefreshToken.isSameToken(refreshToken)) {
+ throw new CrewsException(ErrorCode.INVALID_REFRESH_TOKEN);
+ }
- String payload = jwtTokenProvider.getPayload(refreshToken);
 Role role = jwtTokenProvider.getRole(refreshToken);
- String accessToken = jwtTokenProvider.createAccessToken(role, payload);
+ String accessToken = jwtTokenProvider.createAccessToken(role, username);
 return new TokenRefreshResponse(accessToken);
 }
 }
diff --git a/src/main/java/com/server/crews/auth/domain/RefreshToken.java b/src/main/java/com/server/crews/auth/domain/RefreshToken.java
index 4d7d5065..abb656da 100644
--- a/src/main/java/com/server/crews/auth/domain/RefreshToken.java
+++ b/src/main/java/com/server/crews/auth/domain/RefreshToken.java
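Review bot: `createRefreshToken` stores and deletes by `username` alone, while `AuthController` passes a club name for `Role.ADMIN` and an e-mail address for `Role.APPLICANT`, so both account types share one key space in the refresh-token table. If a club name can ever equal an applicant's e-mail (no input validation is visible in this patch), a login on one account runs `deleteByUsername` against the other account's row, and the other session's `renew` then fails with `INVALID_REFRESH_TOKEN`. Make the role part of the stored key and look the row up with both values read from the token, for example a new derived query `refreshTokenRepository.findByRoleAndUsername(role, username)` in `renew` and the matching delete in `createRefreshToken`. That also lets `renew` confirm that the role in the token is the role the stored row was issued for, instead of trusting `getRole(refreshToken)` on its own.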
@@ -2,29 +2,30 @@
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
-import jakarta.persistence.GeneratedValue;
-import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
+import jakarta.persistence.Table;
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 @Getter
 @Entity
+@Table(name = "refresh_token")
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 public class RefreshToken {
 @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- private Long id;
+ @Column(name = "username")
+ private String username;
- @Column(nullable = false)
+ @Column(nullable = false, name = "token")
 private String token;
- @Column(nullable = false)
- private Long ownerId;
-
- public RefreshToken(final String token, final Long ownerId) {
+ public RefreshToken(String username, String token) {
+ this.username = username;
 this.token = token;
- this.ownerId = ownerId;
+ }
+
+ public boolean isSameToken(String token) {
+ return this.token.equals(token);
 }
 }
diff --git a/src/main/java/com/server/crews/auth/dto/response/AdminLoginResponse.java b/src/main/java/com/server/crews/auth/dto/response/AdminLoginResponse.java
index b3e9ce6f..cc08c579 100644
--- a/src/main/java/com/server/crews/auth/dto/response/AdminLoginResponse.java
+++ b/src/main/java/com/server/crews/auth/dto/response/AdminLoginResponse.java
@@ -1,4 +1,4 @@
 package com.server.crews.auth.dto.response;
-public record AdminLoginResponse(Long adminId, String accessToken) {
+public record AdminLoginResponse(String username, String accessToken) {
 }
diff --git a/src/main/java/com/server/crews/auth/dto/response/ApplicantLoginResponse.java b/src/main/java/com/server/crews/auth/dto/response/ApplicantLoginResponse.java
index f3a424a6..187630fc 100644
--- a/src/main/java/com/server/crews/auth/dto/response/ApplicantLoginResponse.java
+++ b/src/main/java/com/server/crews/auth/dto/response/ApplicantLoginResponse.java
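Review bot: `isSameToken` compares the presented value with the raw contents of the `token` column using `String.equals`, so the table holds usable refresh tokens in clear and the comparison is not constant-time. Storing a SHA-256 digest of the token and comparing digests with `MessageDigest.isEqual(storedDigest, presentedDigest)` addresses both, since a copy of the table would then no longer contain values that `renew` accepts. Separately, this hunk changes the table layout (`id` and `ownerId` are dropped and `username` becomes the `@Id`), and the subject of PATCH 2/3 says the production `ddl-auto` is set to none; the submodule content is not visible here, but if that is what it does, this entity change needs an explicit migration for the `refresh_token` table before deployment.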
@@ -1,4 +1,4 @@
 package com.server.crews.auth.dto.response;
-public record ApplicantLoginResponse(Long applicantId, String accessToken) {
+public record ApplicantLoginResponse(String username, String accessToken) {
 }
diff --git a/src/main/java/com/server/crews/auth/presentation/AuthController.java b/src/main/java/com/server/crews/auth/presentation/AuthController.java
index eb10939e..f4f03598 100644
--- a/src/main/java/com/server/crews/auth/presentation/AuthController.java
+++ b/src/main/java/com/server/crews/auth/presentation/AuthController.java
@@ -34,7 +34,7 @@ public class AuthController {
 public ResponseEntity loginForAdmin(@RequestBody AdminLoginRequest request) {
 AdminLoginResponse loginResponse = authService.loginForAdmin(request);
 RefreshTokenWithValidity refreshTokenWithValidity = refreshTokenService.createRefreshToken(Role.ADMIN,
- loginResponse.adminId());
+ loginResponse.username());
 ResponseCookie cookie = refreshTokenWithValidity.toCookie();
 return ResponseEntity.status(HttpStatus.OK)
 .header(HttpHeaders.SET_COOKIE, cookie.toString())
@@ -48,7 +48,7 @@ public ResponseEntity loginForAdmin(@RequestBody AdminLoginR
 public ResponseEntity loginForApplicant(@RequestBody ApplicantLoginRequest request) {
 ApplicantLoginResponse loginResponse = authService.loginForApplicant(request);
 RefreshTokenWithValidity refreshTokenWithValidity = refreshTokenService.createRefreshToken(Role.APPLICANT,
- loginResponse.applicantId());
+ loginResponse.username());
 ResponseCookie cookie = refreshTokenWithValidity.toCookie();
 return ResponseEntity.status(HttpStatus.OK)
 .header(HttpHeaders.SET_COOKIE, cookie.toString())
diff --git a/src/main/java/com/server/crews/auth/repository/RefreshTokenRepository.java b/src/main/java/com/server/crews/auth/repository/RefreshTokenRepository.java
index b453a073..00db412f 100644
--- a/src/main/java/com/server/crews/auth/repository/RefreshTokenRepository.java
+++ b/src/main/java/com/server/crews/auth/repository/RefreshTokenRepository.java
@@ -5,7 +5,7 @@
 import org.springframework.data.jpa.repository.JpaRepository;
 public interface RefreshTokenRepository extends JpaRepository {
- void deleteByOwnerId(Long id);
+ void deleteByUsername(String username);
- Optional findByToken(String token);
+ Optional findByUsername(String username);
 }
diff --git a/src/main/java/com/server/crews/global/exception/ErrorCode.java b/src/main/java/com/server/crews/global/exception/ErrorCode.java
index 2760b6e3..52b79a61 100644
--- a/src/main/java/com/server/crews/global/exception/ErrorCode.java
+++ b/src/main/java/com/server/crews/global/exception/ErrorCode.java
@@ -25,6 +25,7 @@ public enum ErrorCode {
 INVALID_ACCESS_TOKEN(HttpStatus.UNAUTHORIZED, "유효하지 않은 access token 입니다."),
 USER_NOT_FOUND(HttpStatus.UNAUTHORIZED, "존재하지 않는 사용자입니다."),
 UNAUTHORIZED_USER(HttpStatus.UNAUTHORIZED, "권한이 없는 사용자입니다."),
+ REFRESH_TOKEN_NOT_FOUND(HttpStatus.UNAUTHORIZED, "존재하지 않는 리프레시 토큰입니다."),
 RECRUITMENT_NOT_FOUND(HttpStatus.NOT_FOUND, "존재하지 않는 모집 지원서 양식입니다."),
 APPLICATION_NOT_FOUND(HttpStatus.NOT_FOUND, "존재하지 않는 지원서입니다."),
diff --git a/src/test/java/com/server/crews/auth/application/AuthServiceTest.java b/src/test/java/com/server/crews/auth/application/AuthServiceTest.java
index 2f0bd15e..6215fbc6 100644
--- a/src/test/java/com/server/crews/auth/application/AuthServiceTest.java
+++ b/src/test/java/com/server/crews/auth/application/AuthServiceTest.java
@@ -44,7 +44,7 @@ void loginNotSignedUpAdmin() {
 AdminLoginResponse adminLoginResponse = authService.loginForAdmin(request);
 // then
- Optional createdAdmin = administratorRepository.findById(adminLoginResponse.adminId());
+ Optional createdAdmin = administratorRepository.findByClubName(adminLoginResponse.username());
 assertSoftly(softAssertions -> {
 softAssertions.assertThat(createdAdmin).isNotEmpty();
 softAssertions.assertThat(adminLoginResponse.accessToken()).isNotNull();
@@ -62,7 +62,7 @@ void loginAdmin() {
 AdminLoginResponse adminLoginResponse = authService.loginForAdmin(request);
 // then
- Optional createdAdmin = administratorRepository.findById(adminLoginResponse.adminId());
+ Optional createdAdmin = administratorRepository.findByClubName(adminLoginResponse.username());
 assertSoftly(softAssertions -> {
 softAssertions.assertThat(createdAdmin).isNotEmpty();
 softAssertions.assertThat(adminLoginResponse.accessToken()).isNotNull();
@@ -81,7 +81,7 @@ void loginNotSignedUpApplicant() {
 ApplicantLoginResponse applicantLoginResponse = authService.loginForApplicant(request);
 // then
- Optional createdApplicant = applicantRepository.findById(applicantLoginResponse.applicantId());
+ Optional createdApplicant = applicantRepository.findByEmail(applicantLoginResponse.username());
 assertSoftly(softAssertions -> {
 softAssertions.assertThat(createdApplicant).isNotEmpty();
 softAssertions.assertThat(applicantLoginResponse.accessToken()).isNotNull();
@@ -99,7 +99,7 @@ void loginApplicant() {
 ApplicantLoginResponse applicantLoginResponse = authService.loginForApplicant(request);
 // then
- Optional createdApplicant = applicantRepository.findById(applicantLoginResponse.applicantId());
+ Optional createdApplicant = applicantRepository.findByEmail(applicantLoginResponse.username());
 assertSoftly(softAssertions -> {
 softAssertions.assertThat(createdApplicant).isNotEmpty();
 softAssertions.assertThat(applicantLoginResponse.accessToken()).isNotNull();