From d50b2a8eef69a06fae2303452ecd83fa766263a0 Mon Sep 17 00:00:00 2001 From: dirgantarasiahaan Date: Thu, 25 May 2023 11:55:47 +0700 Subject: [PATCH] temp authentication user --- .../smartproc/configuration/JwtTokenUtil.java | 4 +- .../controller/AuthenticationController.java | 35 ++++++ .../iconplus/smartproc/model/entity/Menu.java | 52 --------- .../smartproc/model/entity/Menus.java | 45 ++++++++ .../smartproc/model/entity/Permission.java | 33 +++--- .../model/entity/TokenManagement.java | 2 +- .../model/request/RefreshTokenRequest.java | 15 +++ .../model/response/LoginResponse.java | 2 +- .../model/response/RefreshTokenResponse.java | 17 +++ .../smartproc/model/token/TokenContent.java | 4 +- .../repository/TokenManagementRepository.java | 8 ++ .../smartproc/repository/UsersRepository.java | 22 ++++ .../smartproc/service/CommonService.java | 47 +++++++- .../service/authentication/LoginService.java | 57 +++++++++- .../TokenManagementService.java | 100 ++++++++++++++++++ src/main/resources/application-local.yml | 3 + 16 files changed, 368 insertions(+), 78 deletions(-) create mode 100644 src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java delete mode 100644 src/main/java/com/iconplus/smartproc/model/entity/Menu.java create mode 100644 src/main/java/com/iconplus/smartproc/model/entity/Menus.java create mode 100644 src/main/java/com/iconplus/smartproc/model/request/RefreshTokenRequest.java create mode 100644 src/main/java/com/iconplus/smartproc/model/response/RefreshTokenResponse.java create mode 100644 src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java diff --git a/src/main/java/com/iconplus/smartproc/configuration/JwtTokenUtil.java b/src/main/java/com/iconplus/smartproc/configuration/JwtTokenUtil.java index ebab745..aff55c6 100644 --- a/src/main/java/com/iconplus/smartproc/configuration/JwtTokenUtil.java +++ b/src/main/java/com/iconplus/smartproc/configuration/JwtTokenUtil.java 
@@ -39,11 +39,11 @@ public class JwtTokenUtil implements Serializable { return expiration.before(new Date()); } - public String generateToken(String username, TokenContent tokenContent, Integer expirationInMs, String channel, String scopeType) { + public String generateToken(String username, TokenContent tokenContent, Integer expirationInMs) { Map claims = new HashMap<>(); claims.put("authorities", tokenContent.getAccessMenu()); - claims.put("fullname", tokenContent.getFullname()); + claims.put("nama", tokenContent.getNama()); claims.put("username", tokenContent.getUsername()); claims.put("user_id", tokenContent.getUserId()); claims.put("role", tokenContent.getRole()); diff --git a/src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java b/src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java new file mode 100644 index 0000000..c14e678 --- /dev/null +++ b/src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java 
@@ -0,0 +1,35 @@
+package com.iconplus.smartproc.controller;
+
+import com.iconplus.smartproc.model.request.LoginRequest;
+import com.iconplus.smartproc.model.request.RefreshTokenRequest;
+import com.iconplus.smartproc.model.response.LoginResponse;
+import com.iconplus.smartproc.model.response.RefreshTokenResponse;
+import com.iconplus.smartproc.service.authentication.LoginService;
+import com.iconplus.smartproc.service.authentication.TokenManagementService;
+import org.springframework.web.bind.annotation.*;
+
+@CrossOrigin(origins = "http://localhost:8080", allowCredentials = "true")
+@RestController
+@RequestMapping("/api/authentication")
+public class AuthenticationController {
+
+ private LoginService loginService;
+ private TokenManagementService tokenManagementService;
+
+ public AuthenticationController(LoginService loginService,
+ TokenManagementService tokenManagementService) {
+ this.loginService = loginService;
+ this.tokenManagementService = tokenManagementService;
+ }
+
+ @PostMapping("/login")
+ public LoginResponse getLoginResponse(@RequestBody LoginRequest loginRequest) {
+ return loginService.execute(loginRequest);
+ }
+
+ @PostMapping("/refresh-token")
+ public RefreshTokenResponse getRefreshToken(@RequestBody RefreshTokenRequest refreshTokenRequest) {
+ return tokenManagementService.execute(refreshTokenRequest);
+ }
+
+}
diff --git a/src/main/java/com/iconplus/smartproc/model/entity/Menu.java b/src/main/java/com/iconplus/smartproc/model/entity/Menu.java
deleted file mode 100644
index d37879f..0000000
--- a/src/main/java/com/iconplus/smartproc/model/entity/Menu.java
+++ /dev/null
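Review bot: The class-level `@CrossOrigin(origins = "http://localhost:8080", allowCredentials = "true")` on AuthenticationController hard-codes a development origin together with credentialed requests, so every other environment needs a source edit and the allow-list is not reviewable per deployment. The allowed origins would be better read from configuration in one central CORS setup. Both `@RequestBody` parameters are also bound without `@Valid`, so a request with no `refreshToken` or `email` reaches the services as null; whether LoginRequest and RefreshTokenRequest carry constraints such as `@NotBlank` is not visible here. The two injected fields can be `private final`, matching the style of LoginService.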
@@ -1,52 +0,0 @@
-package com.iconplus.smartproc.model.entity;
-
-import com.iconplus.smartproc.helper.base.BaseEntity;
-import lombok.AllArgsConstructor;
-import lombok.Builder;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-import org.hibernate.annotations.GeneratorType;
-import org.hibernate.annotations.Type;
-
-import javax.persistence.*;
-
-
-@Data
-@Builder
-@AllArgsConstructor
-@NoArgsConstructor
-@Entity
-@Table(name = "permission")
-public class Menu extends BaseEntity {
-
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- private Long id;
-
- @Column(name = "subMenu")
- private String subMenu;
-
- @Column(name = "menu")
- private String menu;
-
-// @Column(name = "can_view")
-// @Type(type = "org.hibernate.type.NumericBooleanType")
-// private Boolean canView;
-//
-// @Column(name = "can_read")
-// @Type(type = "org.hibernate.type.NumericBooleanType")
-// private Boolean canRead;
-//
-// @Column(name = "can_create")
-// @Type(type = "org.hibernate.type.NumericBooleanType")
-// private Boolean canCreate;
-//
-// @Column(name = "can_delete")
-// @Type(type = "org.hibernate.type.NumericBooleanType")
-// private Boolean canDelete;
-
- @Column(name = "deleted")
- @Type(type = "org.hibernate.type.NumericBooleanType")
- private Boolean deleted;
-}
diff --git a/src/main/java/com/iconplus/smartproc/model/entity/Menus.java b/src/main/java/com/iconplus/smartproc/model/entity/Menus.java
new file mode 100644
index 0000000..9001e39
--- /dev/null
+++ b/src/main/java/com/iconplus/smartproc/model/entity/Menus.java
@@ -0,0 +1,45 @@ +package com.iconplus.smartproc.model.entity; + +import com.iconplus.smartproc.helper.base.BaseEntity; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; +import org.hibernate.annotations.GeneratorType; +import org.hibernate.annotations.Type; + +import javax.persistence.*; + + +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +@Entity +@Table(name = "menus") +public class Menus extends BaseEntity { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id") + private Long id; + + @Column(name = "parent_id") + private Long parentId; + + @Column(name = "nama") + private String nama; + + @Column(name = "link") + private String link; + + @Column(name = "urutan") + private Long urutan; + + @Column(name = "icon") + private String icon; + + @Column(name = "is_delete") + @Type(type = "org.hibernate.type.NumericBooleanType") + private Boolean isDelete; +} diff --git a/src/main/java/com/iconplus/smartproc/model/entity/Permission.java b/src/main/java/com/iconplus/smartproc/model/entity/Permission.java index 76aeb2e..46e9df1 100644 --- a/src/main/java/com/iconplus/smartproc/model/entity/Permission.java +++ b/src/main/java/com/iconplus/smartproc/model/entity/Permission.java @@ -8,10 +8,7 @@ import lombok.NoArgsConstructor; import org.hibernate.annotations.GenericGenerator; import org.hibernate.annotations.Type; -import javax.persistence.Column; -import javax.persistence.GeneratedValue; -import javax.persistence.Id; -import javax.persistence.Table; +import javax.persistence.*; @Data @Builder 
@@ -21,13 +18,9 @@ import javax.persistence.Table; public class Permission extends BaseEntity { @Id - @GeneratedValue(generator = "UUID") - @GenericGenerator( - name = "UUID", - strategy = "org.hibernate.id.UUIDGenerator" - ) + @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - private String id; + private Long id; @Column(name = "role_id") private Long roleId; @@ -35,7 +28,23 @@ public class Permission extends BaseEntity { @Column(name = "menu_id") private Long menuId; - @Column(name = "deleted") + @Column(name = "can_view") @Type(type = "org.hibernate.type.NumericBooleanType") - private Boolean deleted; + private Boolean canView; + + @Column(name = "can_read") + @Type(type = "org.hibernate.type.NumericBooleanType") + private Boolean canRead; + + @Column(name = "can_update") + @Type(type = "org.hibernate.type.NumericBooleanType") + private Boolean canUpdate; + + @Column(name = "can_delete") + @Type(type = "org.hibernate.type.NumericBooleanType") + private Boolean canDelete; + + @Column(name = "is_delete") + @Type(type = "org.hibernate.type.NumericBooleanType") + private Boolean isDelete; } diff --git a/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java b/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java index 75c9963..45aa828 100644 --- a/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java +++ b/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java @@ -29,7 +29,7 @@ public class TokenManagement extends BaseEntity { private String id; @Column(name = "user_id") - private String userId; + private Long userId; @Lob @Column(name = "access_token") diff --git a/src/main/java/com/iconplus/smartproc/model/request/RefreshTokenRequest.java b/src/main/java/com/iconplus/smartproc/model/request/RefreshTokenRequest.java new file mode 100644 index 0000000..d56621f --- /dev/null +++ b/src/main/java/com/iconplus/smartproc/model/request/RefreshTokenRequest.java 
@@ -0,0 +1,15 @@ +package com.iconplus.smartproc.model.request; + +import com.iconplus.smartproc.helper.base.BaseRequest; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +public class RefreshTokenRequest extends BaseRequest { + private String refreshToken; +} diff --git a/src/main/java/com/iconplus/smartproc/model/response/LoginResponse.java b/src/main/java/com/iconplus/smartproc/model/response/LoginResponse.java index 675e95b..10c2b58 100644 --- a/src/main/java/com/iconplus/smartproc/model/response/LoginResponse.java +++ b/src/main/java/com/iconplus/smartproc/model/response/LoginResponse.java @@ -15,7 +15,7 @@ import java.util.Set; public class LoginResponse extends BaseResponse { private String accessToken; - private String validity; + private Integer validity; private String refreshToken; private String username; private String email; diff --git a/src/main/java/com/iconplus/smartproc/model/response/RefreshTokenResponse.java b/src/main/java/com/iconplus/smartproc/model/response/RefreshTokenResponse.java new file mode 100644 index 0000000..3ecb322 --- /dev/null +++ b/src/main/java/com/iconplus/smartproc/model/response/RefreshTokenResponse.java @@ -0,0 +1,17 @@ +package com.iconplus.smartproc.model.response; + +import com.iconplus.smartproc.helper.base.BaseResponse; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +public class RefreshTokenResponse extends BaseResponse { + private String accessToken; + private String refreshToken; + private Integer validity; +} diff --git a/src/main/java/com/iconplus/smartproc/model/token/TokenContent.java b/src/main/java/com/iconplus/smartproc/model/token/TokenContent.java index 28907de..3efd7fb 100644 --- a/src/main/java/com/iconplus/smartproc/model/token/TokenContent.java 
+++ b/src/main/java/com/iconplus/smartproc/model/token/TokenContent.java @@ -8,9 +8,9 @@ import java.util.Set; @Builder @Data public class TokenContent { - private String userId; + private Long userId; private String role; private Set accessMenu; - private String fullname; + private String nama; private String username; } diff --git a/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java b/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java index 57e0b55..82a6e51 100644 --- a/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java +++ b/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java @@ -7,6 +7,7 @@ import org.springframework.data.jpa.repository.Query; import org.springframework.stereotype.Repository; import java.util.List; +import java.util.Optional; @Repository public interface TokenManagementRepository extends JpaRepository { @@ -16,4 +17,11 @@ public interface TokenManagementRepository extends JpaRepository= SYSDATE", nativeQuery = true) List findAccessTokenByUserIdAndDeletedFalse(String userId); + + @Query(value = "SELECT tm from TokenManagement tm " + + "WHERE tm.refreshToken = :refreshToken " + + "and tm.isDelete = false") + Optional findByRefreshToken(String refreshToken); + + Optional findByUserId(Long id); } diff --git a/src/main/java/com/iconplus/smartproc/repository/UsersRepository.java b/src/main/java/com/iconplus/smartproc/repository/UsersRepository.java index 4f5b0aa..652c64c 100644 --- a/src/main/java/com/iconplus/smartproc/repository/UsersRepository.java +++ b/src/main/java/com/iconplus/smartproc/repository/UsersRepository.java 
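Review bot: In TokenManagementRepository, `findAccessTokenByUserIdAndDeletedFalse(String userId)` still takes a String although this patch changes `TokenManagement.userId` to `Long`; the parameter should follow as `findAccessTokenByUserIdAndDeletedFalse(Long userId)`, unless callers outside this diff rely on the string form. The new `Optional findByUserId(Long id)` throws when more than one row matches and does not filter on `isDelete`, so it depends on a one-row-per-user rule that nothing in this patch enforces; a unique constraint on `user_id` should be confirmed. A short comment on `findByRefreshToken` stating that it matches the stored token value exactly and ignores `expiredTime` would document what the refresh flow is relying on. The interface body starts outside the hunk.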
@@ -44,6 +44,28 @@ public interface UsersRepository extends JpaRepository { Optional findByEmailAndIsDeleteFalse(String email); + @Query("SELECT u.id as id, " + + "u.nama as nama, " + + "u.username as username, " + + "u.password as password, " + + "u.jabatan as jabatan, " + + "u.roleId as roleId, " + + "r.role as role, " + + "u.bidangId as bidangId, " + + "b.bidang as bidang, " + + "u.instansiId as instansiId, " + + "i.instansi as instansi, " + + "u.email as email, " + + "u.isActive as isActive, " + + "u.isDelete as isDelete " + + "FROM Users u " + + "JOIN Roles r ON r.id = u.roleId " + + "JOIN Bidang b ON b.id = u.bidangId " + + "JOIN Instansi i ON i.id = u.instansiId " + + "Where u.isDelete = false " + + "AND (u.username = :input OR u.email = :input)") + Optional getByUsernameOrEmail(String input); + Optional findByIdAndIsDeleteFalse(Long id); @Query("SELECT u.id as id, " + diff --git a/src/main/java/com/iconplus/smartproc/service/CommonService.java b/src/main/java/com/iconplus/smartproc/service/CommonService.java index beae0dd..2746885 100644 --- a/src/main/java/com/iconplus/smartproc/service/CommonService.java +++ b/src/main/java/com/iconplus/smartproc/service/CommonService.java @@ -1,14 +1,15 @@ package com.iconplus.smartproc.service; import com.iconplus.smartproc.exception.BusinessException; +import com.iconplus.smartproc.model.entity.TokenManagement; import com.iconplus.smartproc.model.request.UsersRequest; -import com.iconplus.smartproc.repository.BidangRepository; -import com.iconplus.smartproc.repository.InstansiRepository; -import com.iconplus.smartproc.repository.RolesRepository; -import com.iconplus.smartproc.repository.UsersRepository; +import com.iconplus.smartproc.repository.*; import org.apache.commons.lang3.StringUtils; import org.springframework.stereotype.Service; +import java.sql.Timestamp; +import java.time.Instant; + @Service public class CommonService { 
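Review bot: `getByUsernameOrEmail` joins Roles, Bidang and Instansi with inner joins, so a user whose `roleId`, `bidangId` or `instansiId` is null or points at a missing row is not returned and login reports the account as not found; if any of those associations is optional, the query needs `LEFT JOIN` for it. The projection also selects `u.password as password`, which puts the stored credential on a view type that the refresh flow reuses through another query; a projection used only for credential checks keeps the field out of objects that may be logged or serialised elsewhere. A comment stating that the single `input` value is matched against both `username` and `email` would help, since LoginService passes `input.getEmail()` into it.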
@@ -16,15 +17,18 @@ public class CommonService { private RolesRepository rolesRepository; private BidangRepository bidangRepository; private InstansiRepository instansiRepository; + private TokenManagementRepository tokenManagementRepository; public CommonService(UsersRepository usersRepository, RolesRepository rolesRepository, BidangRepository bidangRepository, - InstansiRepository instansiRepository) { + InstansiRepository instansiRepository, + TokenManagementRepository tokenManagementRepository) { this.usersRepository = usersRepository; this.rolesRepository = rolesRepository; this.bidangRepository = bidangRepository; this.instansiRepository = instansiRepository; + this.tokenManagementRepository = tokenManagementRepository; } public void validateUserRequst(UsersRequest input) { 
@@ -44,4 +48,37 @@ public class CommonService { throw new BusinessException("err", "err", "err"); } } + + public void saveUserToken(TokenManagement tokenManagement, Integer tokenExpiry) { + + var issuedTime = Timestamp.from(Instant.now()); + var expirationTime = Timestamp.from(Instant.now().plusMillis(tokenExpiry * (long) 60000)); + + if (StringUtils.isNotBlank(tokenManagement.getId())) { + tokenManagement.setIssuedTime(issuedTime); + tokenManagement.setExpiredTime(expirationTime); + tokenManagementRepository.save(tokenManagement); + return; + } + + var existToken = tokenManagementRepository.findByUserId(tokenManagement.getUserId()); + + if (existToken.isPresent()) { + existToken.get().setAccessToken(tokenManagement.getAccessToken()); + existToken.get().setRefreshToken(tokenManagement.getRefreshToken()); + existToken.get().setIsDelete(false); + existToken.get().setIssuedTime(issuedTime); + existToken.get().setExpiredTime(expirationTime); + tokenManagementRepository.save(existToken.get()); + } else { + tokenManagementRepository.save(TokenManagement.builder() + .userId(tokenManagement.getUserId()) + .accessToken(tokenManagement.getAccessToken()) + .refreshToken(tokenManagement.getRefreshToken()) + .issuedTime(issuedTime) + .expiredTime(expirationTime) + .isDelete(false) + .build()); + } + } } diff --git a/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java b/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java index 2b371b4..82350c9 100644 --- a/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java +++ b/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java 
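Review bot: `saveUserToken` persists the access token and the refresh token verbatim, so anyone who can read the token table holds usable bearer credentials; storing a digest of the refresh token and looking it up by that digest would avoid this, and the access token probably need not be stored at all (confirm against the callers of `findAccessTokenByUserIdAndDeletedFalse`). The single `expiredTime` is derived from the `tokenExpiry` argument, which both callers in this patch pass as the access-token lifetime, so the row records no expiry for the refresh token it holds. `tokenExpiry * (long) 60000` also unboxes an `Integer` that may be null, and `Instant.now()` is read twice; `var now = Instant.now();` with `Objects.requireNonNull(tokenExpiry, "tokenExpiry")` at the top would cover both. The method has no Javadoc; it should say that `tokenExpiry` is in minutes and that an existing row for the same user is overwritten.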
@@ -1,47 +1,98 @@ package com.iconplus.smartproc.service.authentication; +import com.iconplus.smartproc.configuration.JwtTokenUtil; import com.iconplus.smartproc.exception.BusinessException; import com.iconplus.smartproc.helper.service.BaseService; +import com.iconplus.smartproc.model.entity.TokenManagement; import com.iconplus.smartproc.model.request.LoginRequest; import com.iconplus.smartproc.model.response.LoginResponse; +import com.iconplus.smartproc.model.token.TokenContent; import com.iconplus.smartproc.repository.UsersRepository; +import com.iconplus.smartproc.service.CommonService; import com.iconplus.smartproc.util.Constants; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +import java.util.HashMap; +import java.util.Map; @Service @Slf4j public class LoginService implements BaseService { + @Value("${jwt.expired-time.access-token:15}") + private Integer accessTokenExp; + @Value("${jwt.expired-time.refresh-token:60}") + private Integer refreshTokenExp; private final UsersRepository usersRepository; + private final JwtTokenUtil jwtTokenUtil; + private final CommonService commonService; - public LoginService(UsersRepository userRepository) { + + public LoginService(UsersRepository userRepository, + JwtTokenUtil jwtTokenUtil, + CommonService commonService) { this.usersRepository = userRepository; + this.jwtTokenUtil = jwtTokenUtil; + this.commonService = commonService; } + @Transactional @Override public LoginResponse execute(LoginRequest input) { - var user= usersRepository.findByEmailAndIsDeleteFalse(input.getEmail()) + var userRoleView= usersRepository.getByUsernameOrEmail(input.getEmail()) .orElseThrow(() -> new BusinessException(HttpStatus.CONFLICT, Constants.ERR_CODE_10003, Constants.ERR_TTL_10003, 
String.format(Constants.ERR_MSG_10003, input.getEmail()))); - if (!StringUtils.equalsIgnoreCase(input.getPassword(), user.getPassword())) { + if (!StringUtils.equalsIgnoreCase(input.getPassword(), userRoleView.getPassword())) { throw new BusinessException(HttpStatus.CONFLICT, Constants.ERR_CODE_10004, Constants.ERR_TTL_10004, Constants.ERR_MSG_10004); } + var tokenContent = TokenContent.builder() + .userId(userRoleView.getId()) + .username(userRoleView.getUsername()) + .nama(userRoleView.getNama()) + .role(userRoleView.getRole()) + .accessMenu(null) + .build(); + + Map claims = new HashMap<>(); + claims.put("userId", userRoleView.getId()); + + final String accessToken = jwtTokenUtil.generateToken(String.valueOf(userRoleView.getId()), tokenContent, accessTokenExp * 60000); + String refreshToken = jwtTokenUtil.doGenerateToken(claims, String.valueOf(userRoleView.getId()), refreshTokenExp * 60000); + + if (StringUtils.isBlank(accessToken) || StringUtils.isBlank(refreshToken)) { + log.error("token null"); + throw new BusinessException("err", "err", "err"); + } + + commonService.saveUserToken(TokenManagement.builder() + .userId(userRoleView.getId()) + .accessToken(accessToken) + .refreshToken(refreshToken) + .build(), accessTokenExp); return LoginResponse.builder() + .accessToken(accessToken) + .validity(accessTokenExp * 60) + .refreshToken(refreshToken) + .username(userRoleView.getUsername()) + .email(userRoleView.getEmail()) + .role(userRoleView.getRole()) .build(); } } diff --git a/src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java b/src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java new file mode 100644 index 0000000..fba5e59 --- /dev/null +++ b/src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java 
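Review bot: The credential check `StringUtils.equalsIgnoreCase(input.getPassword(), userRoleView.getPassword())` compares the submitted password with the stored column directly and case-insensitively, which implies passwords are kept in clear text and that every case variant of a password is accepted. The stored value should be a salted password hash verified through an encoder, for example `if (!passwordEncoder.matches(input.getPassword(), userRoleView.getPassword()))` with an injected Spring Security `PasswordEncoder`, assuming that dependency is available to the project. The unknown-user and wrong-password branches also return different errors (`ERR_CODE_10003`, echoing the submitted identifier, versus `ERR_CODE_10004`), which tells a caller which accounts exist; one shared response for both branches closes that. `.accessMenu(null)` means the `authorities` claim is issued empty, which is worth a comment if it is the temporary part of this commit.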
@@ -0,0 +1,100 @@ +package com.iconplus.smartproc.service.authentication; + +import com.iconplus.smartproc.configuration.JwtTokenUtil; +import com.iconplus.smartproc.exception.BusinessException; +import com.iconplus.smartproc.helper.service.BaseService; +import com.iconplus.smartproc.helper.service.TokenUtils; +import com.iconplus.smartproc.model.entity.TokenManagement; +import com.iconplus.smartproc.model.request.RefreshTokenRequest; +import com.iconplus.smartproc.model.response.RefreshTokenResponse; +import com.iconplus.smartproc.model.token.TokenContent; +import com.iconplus.smartproc.repository.TokenManagementRepository; +import com.iconplus.smartproc.repository.UsersRepository; +import com.iconplus.smartproc.service.CommonService; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.http.HttpStatus; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +import java.util.Objects; + +@Service +@Slf4j +public class TokenManagementService implements BaseService { + + @Value("${jwt.expired-time.access-token:15}") + private Integer accessTokenExp; + + private final TokenManagementRepository tokenManagementRepository; + private final UsersRepository usersRepository; + private final JwtTokenUtil jwtTokenUtil; + private final CommonService commonService; + + public TokenManagementService(TokenManagementRepository tokenManagementRepository, + JwtTokenUtil jwtTokenUtil, + UsersRepository usersRepository, + CommonService commonService) { + this.tokenManagementRepository = tokenManagementRepository; + this.jwtTokenUtil = jwtTokenUtil; + this.usersRepository = usersRepository; + this.commonService = commonService; + } + + @Transactional + @Override + public RefreshTokenResponse execute(RefreshTokenRequest input) { + + try { + jwtTokenUtil.validateTokenOnly(input.getRefreshToken()); + } catch (Exception e) { + throw new 
BusinessException(HttpStatus.UNAUTHORIZED, "err", "err", "err"); + } + + var decodeToken = TokenUtils.decodeToken(input.getRefreshToken()); + Long userId = Long.valueOf(decodeToken.get("userId")); + + var tokenManagement1 = tokenManagementRepository.findByRefreshToken(input.getRefreshToken()); + + TokenManagement tokenManagement = tokenManagementRepository.findByRefreshToken(input.getRefreshToken()) + .map(c -> verifyRefreshToken(c, userId)) + .orElseThrow(() -> { + log.error("failed validate token to existing db"); + return new BusinessException( + HttpStatus.UNAUTHORIZED, "err", "err", + "err"); + }); + + var userRoleView = usersRepository.getUserByIdAndDeletedFase(userId).orElseThrow(() -> new BusinessException("err", "err", "err")); + + var tokenContent = TokenContent.builder() + .userId(userRoleView.getId()) + .username(userRoleView.getUsername()) + .nama(userRoleView.getNama()) + .role(userRoleView.getRole()) + .accessMenu(null) + .build(); + + final String accessToken = jwtTokenUtil.generateToken(String.valueOf(userRoleView.getId()), tokenContent, accessTokenExp * 60000); + + tokenManagement.setAccessToken(accessToken); + tokenManagement.setRefreshToken(input.getRefreshToken()); + commonService.saveUserToken(tokenManagement, accessTokenExp); + + return RefreshTokenResponse.builder() + .accessToken(accessToken) + .refreshToken(input.getRefreshToken()) + .validity(accessTokenExp * 60) + .build(); + } + + private TokenManagement verifyRefreshToken(TokenManagement tokenManagement, Long userId) { + if (!Objects.equals(userId, tokenManagement.getUserId())) { + throw new BusinessException(HttpStatus.UNAUTHORIZED, + "err", + "err", + "err"); + } + return tokenManagement; + } +} diff --git a/src/main/resources/application-local.yml b/src/main/resources/application-local.yml index 69e2bf7..4d67143 100644 --- a/src/main/resources/application-local.yml +++ b/src/main/resources/application-local.yml 
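Review bot: `TokenManagementService.execute` hands back the same refresh token it received (`.refreshToken(input.getRefreshToken())`), so the token is never rotated and a copied one stays usable until its JWT expiry, with nothing to reveal a replay. Issuing a new refresh token on every refresh and saving it over the old value makes reuse of the previous one fail the `findByRefreshToken` lookup; the sketch below assumes a `refreshTokenExp` field declared as in LoginService. `tokenManagement1` repeats that query and is never read, so it can be dropped. `Long.valueOf(decodeToken.get("userId"))` sits outside the try block and throws when the claim is missing or not numeric, which would surface as a server error rather than a 401, and `catch (Exception e)` discards the cause without logging it.

```java
// … unchanged: validateTokenOnly, userId extraction, findByRefreshToken + verifyRefreshToken …
// … unchanged: user lookup, tokenContent, accessToken generation …

Map<String, Object> claims = new HashMap<>();
claims.put("userId", userRoleView.getId());
// Rotate: the previous refresh token stops matching the stored row once this is saved.
final String rotatedRefreshToken = jwtTokenUtil.doGenerateToken(
        claims, String.valueOf(userRoleView.getId()), refreshTokenExp * 60000);

tokenManagement.setAccessToken(accessToken);
tokenManagement.setRefreshToken(rotatedRefreshToken);
commonService.saveUserToken(tokenManagement, accessTokenExp);

return RefreshTokenResponse.builder()
        .accessToken(accessToken)
        .refreshToken(rotatedRefreshToken)
        .validity(accessTokenExp * 60)
        .build();
```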
@@ -12,6 +12,9 @@ spring: url: jdbc:postgresql://localhost:5432/smartproc username: postgres password: postgre +# autoCommit=false + hikari: + auto-commit: false jackson: default-property-inclusion: NON_NULL jpa: