Skip to content

Commit 23fb5f8

Browse files
authored
Merge pull request #229 from DevKor-github/login/multiple
[Feat] User 테이블에 엑세스토큰 저장하게하여 다중로그인 방지 (임시처리)
2 parents fd88414 + 897bfa0 commit 23fb5f8

5 files changed

Lines changed: 12 additions & 1 deletion

File tree

ontime-back/src/main/java/devkor/ontime_back/entity/User.java

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,8 @@ public class User {
4848

4949
private String socialId; // 로그인한 소셜 타입의 식별자 값 (일반 로그인인 경우 null)
5050

51+
private String accessToken; // accessToken
52+
5153
private String refreshToken; // refreshToken
5254

5355
private String firebaseToken;
@@ -126,4 +128,8 @@ public void updateNote(String note) {
126128
public void updateFirebaseToken(String firebaseToken) {
127129
this.firebaseToken = firebaseToken;
128130
}
131+
132+
public void updateAccessToken(String accessToken) {
133+
this.accessToken = accessToken;
134+
}
129135
}

ontime-back/src/main/java/devkor/ontime_back/global/generallogin/handler/LoginSuccessHandler.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
3939
// 수정된 부분: 응답 헤더에 AccessToken, RefreshToken 실어서 응답
4040
jwtTokenProvider.sendAccessAndRefreshToken(response, accessToken, refreshToken);
4141

42-
// 수정된 부분: RefreshToken을 User 엔티티에 업데이트 후 저장
42+
user.updateAccessToken(accessToken);
4343
user.updateRefreshToken(refreshToken);
4444
userRepository.saveAndFlush(user);
4545

ontime-back/src/main/java/devkor/ontime_back/global/jwt/JwtTokenProvider.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -166,6 +166,8 @@ public boolean isTokenValid(String token) {
166166

167167
public boolean isAccessTokenValid(String token) {
168168
try {
169+
userRepository.findByAccessToken(token)
170+
.orElseThrow(() -> new InvalidAccessTokenException("유효하지 않은 엑세스 토큰입니다."));
169171
JWT.require(Algorithm.HMAC512(secretKey)).build().verify(token);
170172
log.info("유효한 엑세스 토큰입니다.");
171173
return true;

ontime-back/src/main/java/devkor/ontime_back/repository/UserRepository.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,4 +23,6 @@ public interface UserRepository extends JpaRepository<User, Long> {
2323

2424
@Query("SELECT u.spareTime FROM User u WHERE u.id = :id")
2525
Integer findSpareTimeById(Long id);
26+
27+
Optional<Object> findByAccessToken(String token);
2628
}
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
ALTER TABLE user ADD COLUMN access_token VARCHAR(255);

0 commit comments

Comments
 (0)