temp authentication user

This commit is contained in:
dirgantarasiahaan
2023-05-25 11:55:47 +07:00
parent 77dfe44ee6
commit d50b2a8eef
16 changed files with 368 additions and 78 deletions


@@ -1,47 +1,98 @@
package com.iconplus.smartproc.service.authentication;
import com.iconplus.smartproc.configuration.JwtTokenUtil;
import com.iconplus.smartproc.exception.BusinessException;
import com.iconplus.smartproc.helper.service.BaseService;
import com.iconplus.smartproc.model.entity.TokenManagement;
import com.iconplus.smartproc.model.request.LoginRequest;
import com.iconplus.smartproc.model.response.LoginResponse;
import com.iconplus.smartproc.model.token.TokenContent;
import com.iconplus.smartproc.repository.UsersRepository;
import com.iconplus.smartproc.service.CommonService;
import com.iconplus.smartproc.util.Constants;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.HashMap;
import java.util.Map;
@Service
@Slf4j
public class LoginService implements BaseService<LoginRequest, LoginResponse> {
@Value("${jwt.expired-time.access-token:15}")
private Integer accessTokenExp;
@Value("${jwt.expired-time.refresh-token:60}")
private Integer refreshTokenExp;
private final UsersRepository usersRepository;
private final JwtTokenUtil jwtTokenUtil;
private final CommonService commonService;
public LoginService(UsersRepository userRepository) {
public LoginService(UsersRepository userRepository,
JwtTokenUtil jwtTokenUtil,
CommonService commonService) {
this.usersRepository = userRepository;
this.jwtTokenUtil = jwtTokenUtil;
this.commonService = commonService;
}
@Transactional
@Override
public LoginResponse execute(LoginRequest input) {
var user= usersRepository.findByEmailAndIsDeleteFalse(input.getEmail())
var userRoleView= usersRepository.getByUsernameOrEmail(input.getEmail())
.orElseThrow(() -> new BusinessException(HttpStatus.CONFLICT,
Constants.ERR_CODE_10003,
Constants.ERR_TTL_10003,
String.format(Constants.ERR_MSG_10003, input.getEmail())));
if (!StringUtils.equalsIgnoreCase(input.getPassword(), user.getPassword())) {
if (!StringUtils.equalsIgnoreCase(input.getPassword(), userRoleView.getPassword())) {
throw new BusinessException(HttpStatus.CONFLICT,
Constants.ERR_CODE_10004,
Constants.ERR_TTL_10004,
Constants.ERR_MSG_10004);
}
var tokenContent = TokenContent.builder()
.userId(userRoleView.getId())
.username(userRoleView.getUsername())
.nama(userRoleView.getNama())
.role(userRoleView.getRole())
.accessMenu(null)
.build();
Map<String, Object> claims = new HashMap<>();
claims.put("userId", userRoleView.getId());
final String accessToken = jwtTokenUtil.generateToken(String.valueOf(userRoleView.getId()), tokenContent, accessTokenExp * 60000);
String refreshToken = jwtTokenUtil.doGenerateToken(claims, String.valueOf(userRoleView.getId()), refreshTokenExp * 60000);
if (StringUtils.isBlank(accessToken) || StringUtils.isBlank(refreshToken)) {
log.error("token null");
throw new BusinessException("err", "err", "err");
}
commonService.saveUserToken(TokenManagement.builder()
.userId(userRoleView.getId())
.accessToken(accessToken)
.refreshToken(refreshToken)
.build(), accessTokenExp);
return LoginResponse.builder()
.accessToken(accessToken)
.validity(accessTokenExp * 60)
.refreshToken(refreshToken)
.username(userRoleView.getUsername())
.email(userRoleView.getEmail())
.role(userRoleView.getRole())
.build();
}
}
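Review bot: Password verification on the new `userRoleView` path is still a case-insensitive plaintext comparison, `StringUtils.equalsIgnoreCase(input.getPassword(), userRoleView.getPassword())`, which means the stored credential is compared as cleartext and `Secret1` also matches `SECRET1`. Store a bcrypt/argon2 hash and verify with a password encoder — e.g. `if (!passwordEncoder.matches(input.getPassword(), userRoleView.getPassword()))` if Spring Security's `PasswordEncoder` is available to this service, otherwise at minimum a case-sensitive constant-time compare such as `MessageDigest.isEqual` over the UTF-8 bytes. The two failure branches also return distinct error codes (ERR_CODE_10003 carrying the submitted email versus ERR_CODE_10004) with HTTP 409, which lets a caller enumerate registered emails; one generic 401 for both unknown user and wrong password would close that. The refresh token is issued with the same subject and no token-type claim distinguishing it from the access token, so whether it can be replayed as an access token depends on what `JwtTokenUtil` validates — worth confirming.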


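--- /dev/null
+++ b/TokenManagementService.java
@@ -0,0 +1,100 @@
+package com.iconplus.smartproc.service.authentication;
+import com.iconplus.smartproc.configuration.JwtTokenUtil;
+import com.iconplus.smartproc.exception.BusinessException;
+import com.iconplus.smartproc.helper.service.BaseService;
+import com.iconplus.smartproc.helper.service.TokenUtils;
+import com.iconplus.smartproc.model.entity.TokenManagement;
+import com.iconplus.smartproc.model.request.RefreshTokenRequest;
+import com.iconplus.smartproc.model.response.RefreshTokenResponse;
+import com.iconplus.smartproc.model.token.TokenContent;
+import com.iconplus.smartproc.repository.TokenManagementRepository;
+import com.iconplus.smartproc.repository.UsersRepository;
+import com.iconplus.smartproc.service.CommonService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import java.util.Objects;
+@Service
+@Slf4j
+public class TokenManagementService implements BaseService<RefreshTokenRequest, RefreshTokenResponse> {
+@Value("${jwt.expired-time.access-token:15}")
+private Integer accessTokenExp;
+private final TokenManagementRepository tokenManagementRepository;
+private final UsersRepository usersRepository;
+private final JwtTokenUtil jwtTokenUtil;
+private final CommonService commonService;
+public TokenManagementService(TokenManagementRepository tokenManagementRepository,
+JwtTokenUtil jwtTokenUtil,
+UsersRepository usersRepository,
+CommonService commonService) {
+this.tokenManagementRepository = tokenManagementRepository;
+this.jwtTokenUtil = jwtTokenUtil;
+this.usersRepository = usersRepository;
+this.commonService = commonService;
+}
+@Transactional
+@Override
+public RefreshTokenResponse execute(RefreshTokenRequest input) {
+try {
+jwtTokenUtil.validateTokenOnly(input.getRefreshToken());
+} catch (Exception e) {
+throw new BusinessException(HttpStatus.UNAUTHORIZED, "err", "err", "err");
+}
+var decodeToken = TokenUtils.decodeToken(input.getRefreshToken());
+Long userId = Long.valueOf(decodeToken.get("userId"));
+var tokenManagement1 = tokenManagementRepository.findByRefreshToken(input.getRefreshToken());
+TokenManagement tokenManagement = tokenManagementRepository.findByRefreshToken(input.getRefreshToken())
+.map(c -> verifyRefreshToken(c, userId))
+.orElseThrow(() -> {
+log.error("failed validate token to existing db");
+return new BusinessException(
+HttpStatus.UNAUTHORIZED, "err", "err",
+"err");
+});
+var userRoleView = usersRepository.getUserByIdAndDeletedFase(userId).orElseThrow(() -> new BusinessException("err", "err", "err"));
+var tokenContent = TokenContent.builder()
+.userId(userRoleView.getId())
+.username(userRoleView.getUsername())
+.nama(userRoleView.getNama())
+.role(userRoleView.getRole())
+.accessMenu(null)
+.build();
+final String accessToken = jwtTokenUtil.generateToken(String.valueOf(userRoleView.getId()), tokenContent, accessTokenExp * 60000);
+tokenManagement.setAccessToken(accessToken);
+tokenManagement.setRefreshToken(input.getRefreshToken());
+commonService.saveUserToken(tokenManagement, accessTokenExp);
+return RefreshTokenResponse.builder()
+.accessToken(accessToken)
+.refreshToken(input.getRefreshToken())
+.validity(accessTokenExp * 60)
+.build();
+}
+private TokenManagement verifyRefreshToken(TokenManagement tokenManagement, Long userId) {
+if (!Objects.equals(userId, tokenManagement.getUserId())) {
+throw new BusinessException(HttpStatus.UNAUTHORIZED,
+"err",
+"err",
+"err");
+}
+return tokenManagement;
+}
+}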
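Review bot: The refresh endpoint hands back the same refresh token it received (`tokenManagement.setRefreshToken(input.getRefreshToken())` and `.refreshToken(input.getRefreshToken())`), so a leaked refresh token stays usable for its full lifetime and reuse after theft cannot be detected. Rotating it mirrors what LoginService already does: `String newRefresh = jwtTokenUtil.doGenerateToken(Map.of("userId", userRoleView.getId()), String.valueOf(userRoleView.getId()), refreshTokenExp * 60000);`, then `tokenManagement.setRefreshToken(newRefresh);` and `.refreshToken(newRefresh)`, with `refreshTokenExp` injected via `@Value` as in LoginService. `Long.valueOf(decodeToken.get("userId"))` throws NumberFormatException instead of yielding a 401 when the claim is absent or non-numeric (an access token presented here would likely hit this path), so move it inside the try/catch that already guards `validateTokenOnly`. The first `findByRefreshToken` lookup assigned to `tokenManagement1` is unused and doubles the database round-trip; delete it.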