Add refresh token endpoint
This commit is contained in:
Dmitrii Cravcenco
7
pom.xml
7
pom.xml
@@ -64,10 +64,9 @@
|
|||||||
<version>0.11.5</version>
|
<version>0.11.5</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.projectlombok</groupId>
|
<groupId>jakarta.validation</groupId>
|
||||||
<artifactId>lombok</artifactId>
|
<artifactId>jakarta.validation-api</artifactId>
|
||||||
<version>1.18.20</version>
|
<version>2.0.2</version>
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
<build>
|
<build>
|
||||||
|
|||||||
@@ -4,7 +4,7 @@ import lombok.RequiredArgsConstructor;
|
|||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.authentication.AuthenticationProvider;
|
import org.springframework.security.authentication.AuthenticationProvider;
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
@@ -14,7 +14,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
|
|||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
@EnableMethodSecurity
|
||||||
public class SecurityConfiguration {
|
public class SecurityConfiguration {
|
||||||
|
|
||||||
private final JwtAuthenticationFilter jwtAuthFilter;
|
private final JwtAuthenticationFilter jwtAuthFilter;
|
||||||
|
|||||||
@@ -23,4 +23,9 @@ public class AuthenticationController {
|
|||||||
public ResponseEntity<AuthenticationResponse> authenticate(@RequestBody AuthenticationRequest request) {
|
public ResponseEntity<AuthenticationResponse> authenticate(@RequestBody AuthenticationRequest request) {
|
||||||
return ResponseEntity.ok(service.authenticate(request));
|
return ResponseEntity.ok(service.authenticate(request));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@PostMapping("/refresh")
|
||||||
|
public ResponseEntity<AuthenticationResponse> refreshAccessToken(@RequestBody TokenRefreshRequest refreshRequest) {
|
||||||
|
return ResponseEntity.ok(service.refreshAccessToken(refreshRequest));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
package com.faf223.expensetrackerfaf.controller.auth;
|
package com.faf223.expensetrackerfaf.controller.auth;
|
||||||
|
|
||||||
|
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||||
import lombok.AllArgsConstructor;
|
import lombok.AllArgsConstructor;
|
||||||
import lombok.Builder;
|
import lombok.Builder;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
@@ -11,5 +12,8 @@ import lombok.NoArgsConstructor;
|
|||||||
@NoArgsConstructor
|
@NoArgsConstructor
|
||||||
public class AuthenticationResponse {
|
public class AuthenticationResponse {
|
||||||
|
|
||||||
private String token;
|
@JsonProperty("access_token")
|
||||||
|
private String accessToken;
|
||||||
|
@JsonProperty("refresh_token")
|
||||||
|
private String refreshToken;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,8 @@
|
|||||||
|
package com.faf223.expensetrackerfaf.controller.auth;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
public class TokenRefreshRequest {
|
||||||
|
private String refreshToken;
|
||||||
|
}
|
||||||
@@ -7,4 +7,6 @@ import java.util.Optional;
|
|||||||
|
|
||||||
public interface UserRepository extends JpaRepository<User, String> {
|
public interface UserRepository extends JpaRepository<User, String> {
|
||||||
Optional<User> getUserByUserUuid(String userUuid);
|
Optional<User> getUserByUserUuid(String userUuid);
|
||||||
|
|
||||||
|
Optional<User> findByUsername(String username);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import com.faf223.expensetrackerfaf.config.JwtService;
|
|||||||
import com.faf223.expensetrackerfaf.controller.auth.AuthenticationRequest;
|
import com.faf223.expensetrackerfaf.controller.auth.AuthenticationRequest;
|
||||||
import com.faf223.expensetrackerfaf.controller.auth.AuthenticationResponse;
|
import com.faf223.expensetrackerfaf.controller.auth.AuthenticationResponse;
|
||||||
import com.faf223.expensetrackerfaf.controller.auth.RegisterRequest;
|
import com.faf223.expensetrackerfaf.controller.auth.RegisterRequest;
|
||||||
|
import com.faf223.expensetrackerfaf.controller.auth.TokenRefreshRequest;
|
||||||
import com.faf223.expensetrackerfaf.model.Credential;
|
import com.faf223.expensetrackerfaf.model.Credential;
|
||||||
import com.faf223.expensetrackerfaf.model.User;
|
import com.faf223.expensetrackerfaf.model.User;
|
||||||
import com.faf223.expensetrackerfaf.repository.CredentialRepository;
|
import com.faf223.expensetrackerfaf.repository.CredentialRepository;
|
||||||
@@ -12,10 +13,14 @@ import com.faf223.expensetrackerfaf.security.PersonDetails;
|
|||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.Optional;
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
public class AuthenticationService {
|
public class AuthenticationService {
|
||||||
@@ -38,9 +43,13 @@ public class AuthenticationService {
|
|||||||
Credential credential = new Credential(user, request.getEmail(), passwordEncoder.encode(request.getPassword()));
|
Credential credential = new Credential(user, request.getEmail(), passwordEncoder.encode(request.getPassword()));
|
||||||
credentialRepository.save(credential);
|
credentialRepository.save(credential);
|
||||||
|
|
||||||
String jwtToken = jwtService.generateToken(new PersonDetails(credential));
|
UserDetails userDetails = new PersonDetails(credential);
|
||||||
|
String jwtToken = jwtService.generateToken(userDetails);
|
||||||
|
String refreshToken = jwtService.generateToken(userDetails);
|
||||||
|
|
||||||
return AuthenticationResponse.builder()
|
return AuthenticationResponse.builder()
|
||||||
.token(jwtToken)
|
.accessToken(jwtToken)
|
||||||
|
.refreshToken(refreshToken)
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -49,10 +58,30 @@ public class AuthenticationService {
|
|||||||
|
|
||||||
Credential credential = credentialRepository.findByEmail(request.getEmail()).orElseThrow((() -> new UsernameNotFoundException("User not found")));
|
Credential credential = credentialRepository.findByEmail(request.getEmail()).orElseThrow((() -> new UsernameNotFoundException("User not found")));
|
||||||
|
|
||||||
String jwtToken = jwtService.generateToken(new PersonDetails(credential));
|
UserDetails userDetails = new PersonDetails(credential);
|
||||||
|
String jwtToken = jwtService.generateToken(userDetails);
|
||||||
|
String refreshToken = jwtService.generateToken(userDetails);
|
||||||
return AuthenticationResponse.builder()
|
return AuthenticationResponse.builder()
|
||||||
.token(jwtToken)
|
.accessToken(jwtToken)
|
||||||
|
.refreshToken(refreshToken)
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public AuthenticationResponse refreshAccessToken(TokenRefreshRequest refreshRequest) {
|
||||||
|
String refreshToken = refreshRequest.getRefreshToken();
|
||||||
|
|
||||||
|
Optional<Credential> credential = credentialRepository.findByEmail(jwtService.extractUsername(refreshToken));
|
||||||
|
if (credential.isPresent()) {
|
||||||
|
UserDetails userDetails = new PersonDetails(credential.get());
|
||||||
|
|
||||||
|
String jwtToken = jwtService.generateToken(userDetails);
|
||||||
|
return AuthenticationResponse.builder()
|
||||||
|
.accessToken(jwtToken)
|
||||||
|
.refreshToken(refreshToken) // Return the same refresh token
|
||||||
|
.build();
|
||||||
|
}else {
|
||||||
|
throw new RuntimeException("Invalid or expired refresh token");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user