From 26cce66a49aedd8634d48647be3011424808f378 Mon Sep 17 00:00:00 2001
From: Kwon Min A
Date: Thu, 23 Nov 2023 01:01:05 +0900
Subject: [PATCH 1/4] =?UTF-8?q?feat:=20=EB=A1=9C=EA=B7=B8=EC=95=84?= =?UTF-8?q?=EC=9B=83=20=EA=B2=BD=EB=A1=9C=EC=97=90=20=EC=9D=B8=EC=A6=9D=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80=20#39?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/com/efub/dhs/global/config/SecurityConfig.java | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/main/java/com/efub/dhs/global/config/SecurityConfig.java b/src/main/java/com/efub/dhs/global/config/SecurityConfig.java
index 118ffe0..d6925ec 100644
--- a/src/main/java/com/efub/dhs/global/config/SecurityConfig.java
+++ b/src/main/java/com/efub/dhs/global/config/SecurityConfig.java
@@ -34,6 +34,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
 .authorizeRequests()
 .antMatchers("/members/**").authenticated()
 .antMatchers(HttpMethod.GET).permitAll()
+ .antMatchers("/auth/logout").authenticated()
 .antMatchers("/auth/**", "/oauth/**").permitAll()
 .anyRequest().authenticated()
 .and()
From ebff85f49af6f88e0b83e4520bdf905073f224f0 Mon Sep 17 00:00:00 2001
From: Kwon Min A
Date: Thu, 23 Nov 2023 01:01:35 +0900
Subject: [PATCH 2/4] =?UTF-8?q?feat:=20JwtToken=20TTL=202=EC=A3=BC?= =?UTF-8?q?=EB=A1=9C=20=EB=B3=80=EA=B2=BD=20#39?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/com/efub/dhs/global/jwt/entity/JwtToken.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/main/java/com/efub/dhs/global/jwt/entity/JwtToken.java b/src/main/java/com/efub/dhs/global/jwt/entity/JwtToken.java
index ca384df..c20ca99 100644
--- a/src/main/java/com/efub/dhs/global/jwt/entity/JwtToken.java
+++ b/src/main/java/com/efub/dhs/global/jwt/entity/JwtToken.java
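Review bot: The new `.antMatchers("/auth/logout").authenticated()` rule is placed after `.antMatchers(HttpMethod.GET).permitAll()`, and these matchers are evaluated in order with the first match deciding, so a GET to `/auth/logout` would still pass without authentication. Whether the logout mapping accepts GET is not visible in this hunk; moving the new line up next to `.antMatchers("/members/**").authenticated()` covers every HTTP method regardless. Its position above `.antMatchers("/auth/**", "/oauth/**").permitAll()` is what makes it effective at all, so a comment such as `// must stay above the /auth/** permitAll rule` would keep a later reorder from silently reopening the path. The `securityFilterChain` body starts and ends outside the hunk.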
@@ -9,7 +9,7 @@
 @Getter
 @AllArgsConstructor
-@RedisHash(value = "jwtToken", timeToLive = 60 * 60 * 24 * 2)
+@RedisHash(value = "jwtToken", timeToLive = 60 * 60 * 24 * 14)
 public class JwtToken {
 @Id
From 00391c171aa9464b512f08d9b27a14f8b713a8d0 Mon Sep 17 00:00:00 2001
From: Kwon Min A
Date: Thu, 23 Nov 2023 01:01:52 +0900
Subject: [PATCH 3/4] =?UTF-8?q?feat:=20=EB=A1=9C=EA=B7=B8=EC=95=84?= =?UTF-8?q?=EC=9B=83=20=EC=8B=9C=20=EC=95=A1=EC=84=B8=EC=8A=A4=20=ED=86=A0?= =?UTF-8?q?=ED=81=B0=EC=9D=B4=20=EC=97=86=EB=8A=94=20=EA=B2=BD=EC=9A=B0=20?= =?UTF-8?q?403=20=EB=A6=AC=ED=84=B4=20#39?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/efub/dhs/domain/member/controller/AuthController.java | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/main/java/com/efub/dhs/domain/member/controller/AuthController.java b/src/main/java/com/efub/dhs/domain/member/controller/AuthController.java
index 35b37de..33e9e7b 100644
--- a/src/main/java/com/efub/dhs/domain/member/controller/AuthController.java
+++ b/src/main/java/com/efub/dhs/domain/member/controller/AuthController.java
@@ -11,6 +11,7 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.server.ResponseStatusException;
 import com.efub.dhs.domain.member.dto.AuthRequestDto;
 import com.efub.dhs.domain.member.dto.AuthResponseDto;
@@ -47,6 +48,9 @@ public AuthResponseDto logIn(@RequestBody @Valid AuthRequestDto requestDto) {
 @ResponseStatus(HttpStatus.NO_CONTENT)
 public void logout(HttpServletRequest request) {
 String accessToken = resolveToken(request);
+ if (accessToken == null) {
+ throw new ResponseStatusException(HttpStatus.FORBIDDEN, "Empty Access Token.");
+ }
 jwtService.removeJwtToken(accessToken);
 }
From ef7d355a6175608bcbdd8a7ae52bdeb75b765060 Mon Sep 17 00:00:00 2001
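Review bot: The new `timeToLive = 60 * 60 * 24 * 14` on `@RedisHash` is a bare number that nothing in this hunk ties to the expiry signed into the tokens themselves. If the refresh token's own expiry (set elsewhere, not visible here) differs, either the Redis record outlives a token that no longer verifies, or the record disappears while the token is still valid and the lookup then fails. A comment on the annotation, for example `// 14 days in seconds; keep equal to the refresh token expiry`, or one constant shared by both places, would keep the two from drifting. Going from 2 to 14 days also lengthens the period in which a leaked token record stays usable, which makes the logout-time removal the main revocation path. The `JwtToken` class body continues outside the hunk.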
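Review bot: The guard added to `logout` rejects only `null`, although its reason text says "Empty Access Token."; whether `resolveToken` (defined outside this hunk) can return an empty string for a header that carries the scheme but no token is not visible here. If it can, that value still reaches `jwtService.removeJwtToken(accessToken)`; `if (accessToken == null || accessToken.isEmpty()) {` would cover both cases. Because the first patch in this series makes `/auth/logout` require authentication, a one-line comment such as `// defensive: the security filter should already have rejected a request without a token` would explain why the check exists.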
From: Kwon Min A
Date: Thu, 23 Nov 2023 01:02:16 +0900
Subject: [PATCH 4/4] =?UTF-8?q?feat:=20Redis=EC=97=90=EC=84=9C=20accessTok?= =?UTF-8?q?en=EC=97=90=20=EB=8C=80=ED=95=9C=20JwtToken=EC=9D=84=20?= =?UTF-8?q?=EB=AA=BB=20=EC=B0=BE=EB=8A=94=20=EA=B2=BD=EC=9A=B0=20403=20?= =?UTF-8?q?=EB=A6=AC=ED=84=B4=20#39?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/com/efub/dhs/global/jwt/service/JwtService.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/main/java/com/efub/dhs/global/jwt/service/JwtService.java b/src/main/java/com/efub/dhs/global/jwt/service/JwtService.java
index 076d0e6..b66a09b 100644
--- a/src/main/java/com/efub/dhs/global/jwt/service/JwtService.java
+++ b/src/main/java/com/efub/dhs/global/jwt/service/JwtService.java
@@ -1,6 +1,8 @@
 package com.efub.dhs.global.jwt.service;
+import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Service;
+import org.springframework.web.server.ResponseStatusException;
 import com.efub.dhs.global.jwt.auth.JwtAuthProvider;
 import com.efub.dhs.global.jwt.entity.JwtToken;
@@ -34,6 +36,6 @@ public JwtToken refreshToken(String accessToken) {
 private JwtToken getJwtToken(String accessToken) {
 return jwtRepository.findByAccessToken(accessToken)
- .orElseThrow(() -> new SecurityException("JWT token is invalid."));
+ .orElseThrow(() -> new ResponseStatusException(HttpStatus.FORBIDDEN, "Invalid Access Token."));
 }
 }
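Review bot: With `ResponseStatusException(HttpStatus.FORBIDDEN, "Invalid Access Token.")` thrown from `getJwtToken`, a token that is absent from Redis (expired, already logged out, or never issued) ends as an ordinary 403, and nothing visible in this hunk records that it happened. A presented token the store does not know is worth a warning-level log entry before the throw, written without the token value, so that repeated use of revoked or unknown tokens can be noticed; whether a global handler already logs this exception is not visible here. The change also makes the service depend on a web-layer exception type, so a short Javadoc on `getJwtToken` stating that a failed lookup surfaces to its callers as HTTP 403 would document the contract.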