add spring security and token management

2023-05-23 19:42:51 +07:00
parent 597d4062c7
commit c76c01a174
35 changed files with 1095 additions and 53 deletions
--- a/src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java
+++ b/src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java
@ -0,0 +1,55 @@
+package com.iconplus.smartproc.service.authentication;
+
+import com.iconplus.smartproc.helper.service.BaseService;
+import com.iconplus.smartproc.helper.service.TokenUtils;
+import com.iconplus.smartproc.model.projection.TokenManagementView;
+import com.iconplus.smartproc.model.request.PostAccessTokenRequest;
+import com.iconplus.smartproc.model.response.PostAccessTokenResponse;
+import com.iconplus.smartproc.repository.TokenManagementRepository;
+import com.iconplus.smartproc.util.CommonUtil;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+@Service
+@Slf4j
+public class PostCheckAccessTokenService implements BaseService<PostAccessTokenRequest, PostAccessTokenResponse> {
+
+    private TokenManagementRepository tokenManagementRepository;
+
+    public PostCheckAccessTokenService(TokenManagementRepository tokenManagementRepository) {
+        this.tokenManagementRepository = tokenManagementRepository;
+    }
+
+    @Override
+    public PostAccessTokenResponse execute(PostAccessTokenRequest input) {
+
+        var decodeToken = TokenUtils.decodeToken(input.getAccessToken());
+        String userId = decodeToken.get("user_id");
+
+        List<TokenManagementView> tokenManagementViews = tokenManagementRepository.findAccessTokenByUserIdAndDeletedFalse(userId);
+        if (tokenManagementViews.isEmpty()) {
+            log.error("access token not found in db");
+            return PostAccessTokenResponse.builder()
+                    .isValid(false)
+                    .build();
+        }
+
+        List<String> userTokenList = tokenManagementViews.stream()
+                .map(c-> CommonUtil.clobToString(c.getAccessToken()))
+                .collect(Collectors.toList());
+
+        boolean isMatch = userTokenList.stream().anyMatch(s -> s.equals(input.getAccessToken()));
+        if (isMatch) {
+            return PostAccessTokenResponse.builder()
+                    .isValid(true)
+                    .build();
+        }
+
+        return PostAccessTokenResponse.builder()
+                .isValid(false)
+                .build();
+    }
+}