Merge pull request #112 from JA-yeong-eop-JA-moeu-JA/feat/#110-logout

✨ feat: 로그아웃 기능 추가 및 토큰 재발급 로직 추가

Author: floreo1242

build.gradle

@@ -60,6 +60,9 @@ dependencies {
 
 	// S3
 	implementation 'org.springframework.cloud:spring-cloud-starter-aws:2.2.6.RELEASE'
+
+	// Redis
+	implementation 'org.springframework.boot:spring-boot-starter-data-redis'
 }
 
 tasks.named('test') {

src/main/java/com/jajaja/domain/auth/controller/AuthController.java

@@ -3,6 +3,7 @@
 import com.jajaja.domain.auth.dto.TokenResponseDto;
 import com.jajaja.domain.auth.service.AuthService;
 import com.jajaja.global.apiPayload.ApiResponse;
+import com.jajaja.global.security.annotation.Auth;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import jakarta.servlet.http.HttpServletResponse;
@@ -36,4 +37,14 @@ public ApiResponse<?> reissueToken(
         authService.reissueToken(refreshToken, response);
         return ApiResponse.onSuccess(null);
     }
+
+    @Operation(
+            summary = "로그아웃 API | by 지안/윤진수",
+            description = "로그아웃을 수행하고 쿠키를 삭제합니다."
+    )
+    @PostMapping("/logout")
+    public ApiResponse<?> logout(@Auth Long memberId, HttpServletResponse response) {
+        authService.logout(memberId, response);
+        return ApiResponse.onSuccess(null);
+    }
 }

src/main/java/com/jajaja/domain/auth/service/AuthService.java

@@ -1,6 +1,8 @@
 package com.jajaja.domain.auth.service;
 
 import com.jajaja.domain.auth.dto.TokenResponseDto;
+import com.jajaja.domain.redis.entity.RefreshToken;
+import com.jajaja.domain.redis.repository.RefreshTokenRepository;
 import com.jajaja.global.apiPayload.code.status.ErrorStatus;
 import com.jajaja.global.apiPayload.exception.custom.UnauthorizedException;
 import com.jajaja.global.security.jwt.JwtProvider;
@@ -18,6 +20,7 @@
 public class AuthService {
 
     private final JwtProvider jwtProvider;
+    private final RefreshTokenRepository refreshTokenRepository;
 
     public TokenResponseDto getToken(Long memberId) {
         Authentication authentication = new UsernamePasswordAuthenticationToken(String.valueOf(memberId), null, null);
@@ -32,10 +35,30 @@ public void reissueToken(String refreshToken, HttpServletResponse response) {
         }
         jwtProvider.validateRefreshToken(refreshToken);
         Authentication authentication = jwtProvider.getAuthentication(refreshToken);
-        // TODO: Redis에 저장된 refreshToken과 비교하여 일치하는지 확인
+
+        // Redis에 저장된 refreshToken과 비교하여 일치하는지 확인
+        String memberId = authentication.getName();
+        RefreshToken refreshTokenEntity = refreshTokenRepository.findById(memberId)
+                .orElseThrow(() -> new UnauthorizedException(ErrorStatus.NOT_MATCH_REFRESH_TOKEN));
+        if (!refreshTokenEntity.getRefreshToken().equals(refreshToken)) {
+            throw new UnauthorizedException(ErrorStatus.NOT_MATCH_REFRESH_TOKEN);
+        }
+
+        // 새로 accessToken과 refreshToken 발급
         String newAccessToken = jwtProvider.generateAccessToken(authentication);
         String newRefreshToken = jwtProvider.generateRefreshToken(authentication);
-        // TODO: Redis에 새로 발급한 refreshToken 저장
+
+        // Redis에 새로 발급한 refreshToken 저장
+        RefreshToken newRefreshTokenEntity = new RefreshToken(memberId, newRefreshToken);
+        refreshTokenRepository.save(newRefreshTokenEntity);
+
         jwtProvider.writeTokenCookies(response, newAccessToken, newRefreshToken);
     }
+
+    public void logout(Long memberId, HttpServletResponse response) {
+        refreshTokenRepository.deleteById(memberId.toString());
+        String accessToken = "";
+        String refreshToken = "";
+        jwtProvider.writeTokenCookies(response, accessToken, refreshToken);
+    }
 }

src/main/java/com/jajaja/domain/redis/entity/RefreshToken.java

@@ -0,0 +1,24 @@
+package com.jajaja.domain.redis.entity;
+
+import lombok.Builder;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.data.annotation.Id;
+import org.springframework.data.redis.core.RedisHash;
+
+@Getter
+@RequiredArgsConstructor
+@RedisHash(value = "refresh_token", timeToLive = 604800)
+public class RefreshToken {
+
+    @Id
+    private String memberId;
+
+    private String refreshToken;
+
+    @Builder
+    public RefreshToken(String memberId, String refreshToken) {
+        this.memberId = memberId;
+        this.refreshToken = refreshToken;
+    }
+}

src/main/java/com/jajaja/domain/redis/repository/RefreshTokenRepository.java

@@ -0,0 +1,7 @@
+package com.jajaja.domain.redis.repository;
+
+import com.jajaja.domain.redis.entity.RefreshToken;
+import org.springframework.data.repository.CrudRepository;
+
+public interface RefreshTokenRepository extends CrudRepository<RefreshToken, String> {
+}

src/main/java/com/jajaja/global/config/RedisConfig.java

@@ -0,0 +1,24 @@
+package com.jajaja.global.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
+
+@Configuration
+@EnableRedisRepositories
+public class RedisConfig {
+
+    @Value("${spring.data.redis.port}")
+    private int port;
+
+    @Value("${spring.data.redis.host}")
+    private String host;
+
+    @Bean
+    public RedisConnectionFactory redisConnectionFactory() {
+        return new LettuceConnectionFactory(host, port);
+    }
+}

src/main/java/com/jajaja/global/security/jwt/JwtProvider.java

@@ -13,6 +13,7 @@
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
 
 import javax.crypto.SecretKey;
 import java.util.Date;
@@ -85,19 +86,19 @@ public void writeTokenCookies(HttpServletResponse response, String accessToken,
                 .httpOnly(true)
                 .secure(secure)
                 .sameSite(sameSite)
-                .maxAge(jwtProperties.getExpiration().getAccess() / 1000);
+                .maxAge(StringUtils.hasText(accessToken) ? jwtProperties.getExpiration().getAccess() / 1000 : 0);
 
         ResponseCookie.ResponseCookieBuilder refreshBuilder = ResponseCookie.from("refreshToken", refreshToken)
                 .path("/")
                 .httpOnly(true)
                 .secure(secure)
                 .sameSite(sameSite)
-                .maxAge(jwtProperties.getExpiration().getRefresh() / 1000);
+                .maxAge(StringUtils.hasText(refreshToken) ? jwtProperties.getExpiration().getRefresh() / 1000 : 0);
 
 
-        if (jwtProperties.getCookieDomain() != null && !jwtProperties.getCookieDomain().isBlank()) {
-            accessBuilder.domain(jwtProperties.getCookieDomain()).build();
-            refreshBuilder.domain(jwtProperties.getCookieDomain()).build();
+        if (StringUtils.hasText(jwtProperties.getCookieDomain())) {
+            accessBuilder.domain(jwtProperties.getCookieDomain());
+            refreshBuilder.domain(jwtProperties.getCookieDomain());
         }
 
         response.addHeader("Set-Cookie", accessBuilder.build().toString());

src/main/java/com/jajaja/global/security/oauth/CustomOAuth2SuccessHandler.java

@@ -1,5 +1,7 @@
 package com.jajaja.global.security.oauth;
 
+import com.jajaja.domain.redis.entity.RefreshToken;
+import com.jajaja.domain.redis.repository.RefreshTokenRepository;
 import com.jajaja.global.security.jwt.JwtProperties;
 import com.jajaja.global.security.jwt.JwtProvider;
 import jakarta.servlet.ServletException;
@@ -18,11 +20,14 @@ public class CustomOAuth2SuccessHandler implements AuthenticationSuccessHandler
 
     private final JwtProvider jwtProvider;
     private final JwtProperties jwtProperties;
+    private final RefreshTokenRepository refreshTokenRepository;
 
     @Override
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
         String accessToken = jwtProvider.generateAccessToken(authentication);
         String refreshToken = jwtProvider.generateRefreshToken(authentication);
+        RefreshToken refreshTokenEntity = new RefreshToken(authentication.getName(), refreshToken);
+        refreshTokenRepository.save(refreshTokenEntity);
         jwtProvider.writeTokenCookies(response, accessToken, refreshToken);
         response.sendRedirect(jwtProperties.getRedirectUrl());
     }

src/main/resources/application.yml

@@ -50,6 +50,11 @@ spring:
             token-uri: https://kauth.kakao.com/oauth/token
             user-info-uri: https://kapi.kakao.com/v2/user/me
             user-name-attribute: id
+  data:
+    redis:
+      host: ${REDIS_HOST}
+      port: ${REDIS_PORT}
+
 jwt:
   token:
     secret-key: ${JWT_SECRET_KEY}