diff --git a/be/src/main/java/com/secondhand/user/login/JwtUtil.java b/be/src/main/java/com/secondhand/user/login/JwtUtil.java index eef0e42ba..e85b38e0a 100644 --- a/be/src/main/java/com/secondhand/user/login/JwtUtil.java +++ b/be/src/main/java/com/secondhand/user/login/JwtUtil.java @@ -21,13 +21,13 @@ public class JwtUtil { @Value("${JWT_SECRET_KEY}") private String secret; // 시크릿 키를 설정 - public String createToken(LoggedInUser loggedInUser) { + public String createToken(LoggedInUser loggedInUser, Date expiredDate) { log.info("create Token start"); return Jwts.builder() .setHeaderParam("typ", "JWT") .setSubject("login_member") .claim("userProfile", loggedInUser) - .setExpiration(new Date((new Date()).getTime() + 3600000)) + .setExpiration(expiredDate) .signWith(SignatureAlgorithm.HS256, secret) .compact(); } diff --git a/be/src/main/java/com/secondhand/user/login/LoginController.java b/be/src/main/java/com/secondhand/user/login/LoginController.java index 50d4ba2f2..cec2608b1 100644 --- a/be/src/main/java/com/secondhand/user/login/LoginController.java +++ b/be/src/main/java/com/secondhand/user/login/LoginController.java @@ -1,6 +1,5 @@ package com.secondhand.user.login; -import com.secondhand.user.entity.User; import com.secondhand.user.login.dto.GithubToken; import com.secondhand.user.login.dto.JWTResponse; import com.secondhand.user.login.dto.LoggedInUser; @@ -12,6 +11,7 @@ import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.HttpServletResponse; +import java.util.Date; @Slf4j @RestController 
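Review bot: In JwtUtil.java, `createToken` now signs whatever `expiredDate` the caller hands it, and nothing on the new lines rejects `null` or an over-long lifetime. With jjwt, a null passed to `setExpiration` leaves the `exp` claim out of the token, so the signed token would carry no expiry at all. Whether `validateTokenIsExpired` rejects a token without `exp` is not visible in this diff. I would make `Objects.requireNonNull(expiredDate, "expiredDate");` the first statement of the method (adding the `java.util.Objects` import if the file lacks it), or keep the lifetime inside `JwtUtil` and accept a `Duration` instead of an absolute date.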
@@ -29,7 +29,9 @@ public ResponseEntity githubLogin(String code, HttpServletResponse UserProfileResponse userProfile = loginService.getUserProfile(githubToken.getAccessToken()); LoggedInUser loggedInUser = loginService.createUser(userProfile); - String token = jwtUtil.createToken(loggedInUser); + Date expiredDate = new Date(new Date().getTime() + 3600000); + + String token = jwtUtil.createToken(loggedInUser, expiredDate); return ResponseEntity.ok(new JWTResponse("login success", token)); } diff --git a/be/src/test/java/com/secondhand/user/login/JwtUtilTest.java b/be/src/test/java/com/secondhand/user/login/JwtUtilTest.java index f2ed94a39..d93c6619c 100644 --- a/be/src/test/java/com/secondhand/user/login/JwtUtilTest.java +++ b/be/src/test/java/com/secondhand/user/login/JwtUtilTest.java @@ -3,12 +3,14 @@ import com.secondhand.user.entity.User; import com.secondhand.user.login.dto.LoggedInUser; import com.secondhand.user.login.dto.UserProfileResponse; +import com.secondhand.user.repository.UserRepository; import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; import javax.transaction.Transactional; +import java.util.Date; import static org.assertj.core.api.Assertions.assertThat; @@ -18,8 +20,13 @@ class JwtUtilTest { @Autowired private JwtUtil jwtUtil; + @Autowired + private LoginService loginService; + + @Autowired + private UserRepository userRepository; + @DisplayName("유저가 로그인을 하면 해당 유저의 정보가 담긴 JWT 토근을 만들 수 있다.") - @Transactional @Test void testCreateToken() { @@ -27,7 +34,7 @@ void testCreateToken() { LoggedInUser loggedInUser = getLoggedInUser(); // when - String token = jwtUtil.createToken(loggedInUser); + String token = jwtUtil.createToken(loggedInUser, new Date(new Date().getTime() + 3600000)); LoggedInUser extractedUserFromToken = jwtUtil.extractedUserFromToken(token); // then 
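Review bot: In LoginController.java, the token lifetime is now a bare `3600000` inside `githubLogin`, and the same literal is repeated in the JwtUtilTest hunks. Session lifetime is a security setting, so it should have one named home rather than being chosen at each call site. For example, declare `private static final Duration TOKEN_TTL = Duration.ofHours(1);` and build the date with `Date expiredDate = Date.from(Instant.now().plus(TOKEN_TTL));`, or inject the value as a property the way the secret is injected. `githubLogin` begins above this hunk, so its earlier statements were not reviewed.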
@@ -39,13 +46,13 @@ void testCreateToken() { assertThat(loggedInUser.getSecondRegionId()).isEqualTo(extractedUserFromToken.getSecondRegionId()); } - @DisplayName("조작된 토큰이 들어오면 ManipulatedTokenException이 발생한다.") + @DisplayName("조작된 토큰이 들어오면 false를 반환한다") @Test void testManipulatedToken() { // given LoggedInUser loggedInUser = getLoggedInUser(); - String token = jwtUtil.createToken(loggedInUser); + String token = jwtUtil.createToken(loggedInUser, new Date(new Date().getTime() + 3600000)); // when boolean validated = jwtUtil.validateTokenIsManipulated(token + "a"); @@ -54,6 +61,40 @@ void testManipulatedToken() { assertThat(validated).isFalse(); } + @DisplayName("만료된 토큰이 들어오면 false를 반환한다.") + @Test + void testExpiredToken() { + + // given + LoggedInUser loggedInUser = getLoggedInUser(); + String token = jwtUtil.createToken(loggedInUser, new Date(new Date().getTime() - 3600000)); + + // when + boolean validated = jwtUtil.validateTokenIsExpired(token); + + // then + assertThat(validated).isFalse(); + } + + @DisplayName("회원가입을 하면 유저 정보를 저장한다.") + @Transactional + @Test + void testCreateUser() { + + // given + UserProfileResponse userProfileResponse = new UserProfileResponse(); + userProfileResponse.setId(200L); + userProfileResponse.setName("test"); + userProfileResponse.setAvatarUrl("test"); + + // when + LoggedInUser user = loginService.createUser(userProfileResponse); + User foundUser = userRepository.findById(user.getId()).orElseThrow(); + + // then + assertThat(user.getId()).isEqualTo(foundUser.getId()); + } + private LoggedInUser getLoggedInUser() { UserProfileResponse userProfileResponse = new UserProfileResponse(); userProfileResponse.setId(200L);
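Review bot: In JwtUtilTest.java, `testExpiredToken` only asserts that an expired token yields `false`, and no new line checks that a fresh token yields the opposite, so a `validateTokenIsExpired` that always returns false would pass this test. Assuming `true` means "still valid" (the method name reads the other way, which deserves a rename or a Javadoc line), add `assertThat(jwtUtil.validateTokenIsExpired(jwtUtil.createToken(loggedInUser, new Date(new Date().getTime() + 3600000)))).isTrue();`. A case for a token built with no expiration would also pin down how the validator treats a missing `exp` claim. `getLoggedInUser` continues past the end of the hunk.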