AuthController.java
package com.seveneleven.member.controller;
import com.seveneleven.config.TokenProvider;
import com.seveneleven.response.APIResponse;
import com.seveneleven.response.SuccessCode;
import com.seveneleven.util.security.dto.TokenResponse;
import com.seveneleven.util.security.service.RefreshTokenService;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseCookie;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
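/**
 * REST controller for token maintenance under {@code /api/auth}.
 *
 * <p>Both tokens travel in cookies ({@code X-Access-Token}, {@code X-Refresh-Token}); this
 * controller reads them from the request and writes the reissued pair back as
 * {@code Set-Cookie} headers.
 */
@RestController
@RequestMapping("/api/auth")
@RequiredArgsConstructor
@Slf4j
public class AuthController implements AuthDocs {

    private final RefreshTokenService refreshTokenService;
    private final TokenProvider tokenProvider;

    // Raw value of spring.profiles.active; compared against "prod" in createCookie.
    // NOTE(review): with no default in the placeholder, an unset property fails injection at
    // startup, and a comma-separated profile list (e.g. "prod,metrics") will not equal "prod",
    // so the cookie domain would silently be left unset. Confirm how deployments set it.
    @Value("${spring.profiles.active}")
    private String mod;

    /**
     * Reissues the access token (and refresh token) from the caller's cookies.
     *
     * <p>NOTE(review): the cookies are issued with {@code SameSite=None}, so browsers attach
     * them to cross-site requests. This state-changing POST therefore depends on CSRF/CORS
     * controls configured outside this class; they are not visible here, confirm they cover
     * this endpoint.
     *
     * @param accessToken  value of the {@code X-Access-Token} cookie; may be {@code null}
     *                     because the cookie is optional, and is passed to the service as-is
     * @param refreshToken value of the {@code X-Refresh-Token} cookie (required)
     * @return a response with status {@code SuccessCode.OK} carrying both tokens as
     *         {@code Set-Cookie} headers
     */
    @PostMapping("/refresh")
    public ResponseEntity<APIResponse<SuccessCode>> refreshAccessToken(
            @CookieValue(value = "X-Access-Token", required = false) String accessToken,
            @CookieValue("X-Refresh-Token") String refreshToken) {
        TokenResponse tokens = refreshTokenService.refreshAccessToken(accessToken, refreshToken);

        // Build the access-token cookie. The lifetime is divided by 1000 because createCookie
        // takes seconds; this assumes TokenProvider reports milliseconds (confirm).
        ResponseCookie accessTokenCookie = createCookie(
                "X-Access-Token",
                tokens.accessToken(),
                tokenProvider.getAccessTokenExpireTime() / 1000
        );

        // Build the refresh-token cookie the same way.
        ResponseCookie refreshTokenCookie = createCookie(
                "X-Refresh-Token",
                tokens.refreshToken(),
                tokenProvider.getRefreshTokenExpireTime() / 1000
        );

        // ResponseCookie.toString() renders "name=value; ...", i.e. the bearer token itself.
        // Log only non-secret attributes so anyone with log access cannot replay a session.
        log.info("[Main] 액세스 토큰 재발급 : name={}, maxAge={}",
                accessTokenCookie.getName(), accessTokenCookie.getMaxAge());
        log.info("[Main] 리프레시 토큰 재발급 : name={}, maxAge={}",
                refreshTokenCookie.getName(), refreshTokenCookie.getMaxAge());

        // Attach both cookies to the HTTP response.
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add(HttpHeaders.SET_COOKIE, accessTokenCookie.toString());
        httpHeaders.add(HttpHeaders.SET_COOKIE, refreshTokenCookie.toString());

        return ResponseEntity.status(SuccessCode.OK.getStatus())
                .headers(httpHeaders)
                .body(APIResponse.success(SuccessCode.OK));
    }

    /**
     * Builds a token cookie with the attributes shared by both tokens:
     * {@code Secure}, {@code HttpOnly}, {@code SameSite=None} and path {@code /}.
     *
     * @param name   cookie name
     * @param value  cookie value
     * @param maxAge cookie lifetime in seconds
     * @return the built {@link ResponseCookie}
     */
    private ResponseCookie createCookie(String name, String value, Long maxAge) {
        log.info("[Main] {} 환경에서 토큰 재발급 중 ...", mod);

        // HttpOnly keeps the token out of reach of page scripts; Secure restricts it to HTTPS,
        // which browsers also require for SameSite=None.
        ResponseCookie.ResponseCookieBuilder cookieBuilder = ResponseCookie.from(name, value)
                .secure(true)
                .httpOnly(true)
                .sameSite("None")
                .maxAge(maxAge)
                .path("/");

        // The domain is set in the production profile only. A leading-dot domain makes the
        // cookie visible to every subdomain, so each host under it can receive these tokens.
        if ("prod".equals(mod)) {
            cookieBuilder.domain(".devlens.work");
        }

        return cookieBuilder.build();
    }
}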