smartproc-be/src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java

package com.iconplus.smartproc.service.authentication;

import com.iconplus.smartproc.helper.service.BaseService;
import com.iconplus.smartproc.helper.service.TokenUtils;
import com.iconplus.smartproc.model.projection.TokenManagementView;
import com.iconplus.smartproc.model.request.PostAccessTokenRequest;
import com.iconplus.smartproc.model.response.PostAccessTokenResponse;
import com.iconplus.smartproc.repository.TokenManagementRepository;
import com.iconplus.smartproc.util.CommonUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;

import java.util.List;
import java.util.stream.Collectors;

@Service
@Slf4j
public class PostCheckAccessTokenService implements BaseService<PostAccessTokenRequest, PostAccessTokenResponse> {

    private TokenManagementRepository tokenManagementRepository;

    public PostCheckAccessTokenService(TokenManagementRepository tokenManagementRepository) {
        this.tokenManagementRepository = tokenManagementRepository;
    }

    @Override
    public PostAccessTokenResponse execute(PostAccessTokenRequest input) {

        var decodeToken = TokenUtils.decodeToken(input.getAccessToken());
        Long userId = Long.valueOf(decodeToken.get("user_id"));

        List<TokenManagementView> tokenManagementViews = tokenManagementRepository.findAccessTokenByUserIdAndDeletedFalse(userId);
        if (tokenManagementViews.isEmpty()) {
            log.error("access token not found in db");
            return PostAccessTokenResponse.builder()
                    .isValid(false)
                    .build();
        }

        List<String> userTokenList = tokenManagementViews.stream()
                .map(TokenManagementView::getAccessToken)
                .collect(Collectors.toList());

        boolean isMatch = userTokenList.stream().anyMatch(s -> s.equals(input.getAccessToken()));
        if (isMatch) {
            return PostAccessTokenResponse.builder()
                    .isValid(true)
                    .build();
        }

        return PostAccessTokenResponse.builder()
                .isValid(false)
                .build();
    }
}