temp authentication user

dirgantarasiahaan
2023-05-25 11:55:47 +07:00
parent 77dfe44ee6
commit d50b2a8eef
16 changed files with 368 additions and 78 deletions


@@ -0,0 +1,100 @@
package com.iconplus.smartproc.service.authentication;
import com.iconplus.smartproc.configuration.JwtTokenUtil;
import com.iconplus.smartproc.exception.BusinessException;
import com.iconplus.smartproc.helper.service.BaseService;
import com.iconplus.smartproc.helper.service.TokenUtils;
import com.iconplus.smartproc.model.entity.TokenManagement;
import com.iconplus.smartproc.model.request.RefreshTokenRequest;
import com.iconplus.smartproc.model.response.RefreshTokenResponse;
import com.iconplus.smartproc.model.token.TokenContent;
import com.iconplus.smartproc.repository.TokenManagementRepository;
import com.iconplus.smartproc.repository.UsersRepository;
import com.iconplus.smartproc.service.CommonService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.Objects;
@Service
@Slf4j
public class TokenManagementService implements BaseService<RefreshTokenRequest, RefreshTokenResponse> {
@Value("${jwt.expired-time.access-token:15}")
private Integer accessTokenExp;
private final TokenManagementRepository tokenManagementRepository;
private final UsersRepository usersRepository;
private final JwtTokenUtil jwtTokenUtil;
private final CommonService commonService;
public TokenManagementService(TokenManagementRepository tokenManagementRepository,
JwtTokenUtil jwtTokenUtil,
UsersRepository usersRepository,
CommonService commonService) {
this.tokenManagementRepository = tokenManagementRepository;
this.jwtTokenUtil = jwtTokenUtil;
this.usersRepository = usersRepository;
this.commonService = commonService;
}
@Transactional
@Override
public RefreshTokenResponse execute(RefreshTokenRequest input) {
try {
jwtTokenUtil.validateTokenOnly(input.getRefreshToken());
} catch (Exception e) {
throw new BusinessException(HttpStatus.UNAUTHORIZED, "err", "err", "err");
}
var decodeToken = TokenUtils.decodeToken(input.getRefreshToken());
Long userId = Long.valueOf(decodeToken.get("userId"));
var tokenManagement1 = tokenManagementRepository.findByRefreshToken(input.getRefreshToken());
TokenManagement tokenManagement = tokenManagementRepository.findByRefreshToken(input.getRefreshToken())
.map(c -> verifyRefreshToken(c, userId))
.orElseThrow(() -> {
log.error("failed validate token to existing db");
return new BusinessException(
HttpStatus.UNAUTHORIZED, "err", "err",
"err");
});
var userRoleView = usersRepository.getUserByIdAndDeletedFase(userId).orElseThrow(() -> new BusinessException("err", "err", "err"));
var tokenContent = TokenContent.builder()
.userId(userRoleView.getId())
.username(userRoleView.getUsername())
.nama(userRoleView.getNama())
.role(userRoleView.getRole())
.accessMenu(null)
.build();
final String accessToken = jwtTokenUtil.generateToken(String.valueOf(userRoleView.getId()), tokenContent, accessTokenExp * 60000);
tokenManagement.setAccessToken(accessToken);
tokenManagement.setRefreshToken(input.getRefreshToken());
commonService.saveUserToken(tokenManagement, accessTokenExp);
return RefreshTokenResponse.builder()
.accessToken(accessToken)
.refreshToken(input.getRefreshToken())
.validity(accessTokenExp * 60)
.build();
}
private TokenManagement verifyRefreshToken(TokenManagement tokenManagement, Long userId) {
if (!Objects.equals(userId, tokenManagement.getUserId())) {
throw new BusinessException(HttpStatus.UNAUTHORIZED,
"err",
"err",
"err");
}
return tokenManagement;
}
}
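Review bot: In `execute`, `Long.valueOf(decodeToken.get("userId"))` runs after the try/catch that maps validation failures to UNAUTHORIZED, so a token that passes `validateTokenOnly` but has a missing or non-numeric `userId` claim would presumably surface as an unhandled runtime exception instead of a 401; moving the decode and parse inside the guarded block keeps every rejection path uniform. That `catch (Exception e)` also discards `e`, leaving no trace of failed refresh attempts, so I would add `log.warn("refresh token validation failed", e);` before the throw, without logging the token value itself. `tokenManagement1` is never read and issues a second `findByRefreshToken` query for the same value, so that line can be dropped. The same refresh token is written back with `setRefreshToken(input.getRefreshToken())` and returned in the response, so it is never rotated; please confirm that is intended, since a leaked refresh token then stays usable for its whole lifetime.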