byte/expensetracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add refresh token endpoint

Browse Source
This commit is contained in:
Dmitrii Cravcenco
2023-10-11 12:57:33 +03:00
parent 19ac92f268
commit b1b13dc736
7 changed files with 58 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java
View File

@@ -4,6 +4,7 @@ import com.faf223.expensetrackerfaf.config.JwtService;
import com.faf223.expensetrackerfaf.controller.auth.AuthenticationRequest;
import com.faf223.expensetrackerfaf.controller.auth.AuthenticationResponse;
import com.faf223.expensetrackerfaf.controller.auth.RegisterRequest;
import com.faf223.expensetrackerfaf.controller.auth.TokenRefreshRequest;
import com.faf223.expensetrackerfaf.model.Credential;
import com.faf223.expensetrackerfaf.model.User;
import com.faf223.expensetrackerfaf.repository.CredentialRepository;
@@ -12,10 +13,14 @@ import com.faf223.expensetrackerfaf.security.PersonDetails;
import lombok.RequiredArgsConstructor;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.io.IOException;
import java.util.Optional;
@Service
@RequiredArgsConstructor
public class AuthenticationService {
@@ -38,9 +43,13 @@ public class AuthenticationService {
Credential credential = new Credential(user, request.getEmail(), passwordEncoder.encode(request.getPassword()));
credentialRepository.save(credential);
String jwtToken = jwtService.generateToken(new PersonDetails(credential));
UserDetails userDetails = new PersonDetails(credential);
String jwtToken = jwtService.generateToken(userDetails);
String refreshToken = jwtService.generateToken(userDetails);
return AuthenticationResponse.builder()
.token(jwtToken)
.accessToken(jwtToken)
.refreshToken(refreshToken)
.build();
}
@@ -49,10 +58,30 @@ public class AuthenticationService {
Credential credential = credentialRepository.findByEmail(request.getEmail()).orElseThrow((() -> new UsernameNotFoundException("User not found")));
String jwtToken = jwtService.generateToken(new PersonDetails(credential));
UserDetails userDetails = new PersonDetails(credential);
String jwtToken = jwtService.generateToken(userDetails);
String refreshToken = jwtService.generateToken(userDetails);
return AuthenticationResponse.builder()
.token(jwtToken)
.accessToken(jwtToken)
.refreshToken(refreshToken)
.build();
}
public AuthenticationResponse refreshAccessToken(TokenRefreshRequest refreshRequest) {
String refreshToken = refreshRequest.getRefreshToken();
Optional<Credential> credential = credentialRepository.findByEmail(jwtService.extractUsername(refreshToken));
if (credential.isPresent()) {
UserDetails userDetails = new PersonDetails(credential.get());
String jwtToken = jwtService.generateToken(userDetails);
return AuthenticationResponse.builder()
.accessToken(jwtToken)
.refreshToken(refreshToken) // Return the same refresh token
.build();
}else {
throw new RuntimeException("Invalid or expired refresh token");
}
}
}