주석 추가

sohyounsoo · sohyounsoo · commit 3b773d8d17f2 · 2023-12-04T11:47:12.000+09:00
diff --git a/src/main/java/com/example/security/jwt/account/presentation/AccountController.java b/src/main/java/com/example/security/jwt/account/presentation/AccountController.java
@@ -64,6 +64,7 @@ public ResponseEntity<CommonResponse> refreshToken(@Valid @RequestBody RequestAc
      * Authorization : Bearer {AccessToken}
      * @AuthenticationPrincipal를 통해 JwtFilter에서 토큰을 검증하며 등록한 시큐리티 유저 객체를 꺼내옴
      * JwtFilter는 디비 조회 X
+     * 토큰 유저 조회
      */
     @GetMapping("/user")
     @PreAuthorize("hasAnyRole('MEMBER','ADMIN')") // USER, ADMIN 권한 둘 다 호출 허용
@@ -80,8 +81,13 @@ public ResponseEntity<CommonResponse> getMyUserInfo(@AuthenticationPrincipal Use
         return ResponseEntity.ok(response);
     }
 
+    /**
+     * 해당 계정의 가중치를 1 올린다. -> 리플레쉬 토큰 무효
+     * @param userName
+     * @return
+     */
     @DeleteMapping("/{userName}/token")
-    @PreAuthorize("hasAnyRole('ADMIN')") // ADMIN 권한만 호출 가능
+    @PreAuthorize("hasAnyRole('ADMIN')")
     public ResponseEntity<CommonResponse> authorize(@PathVariable String userName) {
         accountService.invalidateRefreshTokenByUsername(userName);
         //응답
