SCRUM-49 feat: LogoutService
yeopyeop-82 committed Aug 12, 2024
1 parent d4220df commit 7030531
Showing 1 changed file with 76 additions and 2 deletions.
@@ -1,4 +1,78 @@
package com.kakaoteck.golagola.security.service;

public class LogoutService {
}
import com.kakaoteck.golagola.security.token.TokenBlackList;
import com.kakaoteck.golagola.security.token.TokenBlackListRepository;
import com.kakaoteck.golagola.security.token.TokenRepository;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.stereotype.Service;

import java.io.IOException;

@Service
@RequiredArgsConstructor
public class LogoutService implements LogoutHandler {

private final TokenRepository tokenRepository;
private final TokenBlackListRepository tokenBlackListRepository;
private static final Logger logger = LoggerFactory.getLogger(LogoutService.class);

@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
final String authHeader = request.getHeader("Authorization");
if (authHeader == null || !authHeader.startsWith("Bearer ")) {
sendErrorResponse(response, "Token is missing or invalid");
return;
}

final String jwt = authHeader.substring(7);
var storedToken = tokenRepository.findByToken(jwt).orElse(null);
if (storedToken == null || storedToken.isExpired()) {
sendErrorResponse(response, "Token is missing or invalid");
} else {
if (!tokenBlackListRepository.existsByToken(jwt) ) {
TokenBlackList blackList = new TokenBlackList();
blackList.setToken(jwt);
tokenBlackListRepository.save(blackList);
storedToken.setExpired(true);
storedToken.setRevoked(true);
tokenRepository.save(storedToken);
SecurityContextHolder.clearContext();

sendSuccessResponse(response);

} else {
sendErrorResponse(response, "Can't use this token");
}
}
}

private void sendErrorResponse(HttpServletResponse response, String message) {
try {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setContentType("application/json");
response.getWriter().write("{\"message\": \"" + message + "\"}");
response.getWriter().flush();
} catch (IOException e) {
logger.error("Error writing response", e);
}
}

private void sendSuccessResponse(HttpServletResponse response) {
try {
response.setStatus(HttpServletResponse.SC_OK); // 200 OK
response.setContentType("application/json");
response.getWriter().write("{\"message\": \"" + "logout" + "\"}");
response.getWriter().flush();
} catch (IOException e) {
logger.error("Error writing response", e);
}
}

}
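Review bot: The revocation in `logout` is split across two independent writes, `tokenBlackListRepository.save(blackList)` and then `tokenRepository.save(storedToken)`, with no transaction around them, so a failure on the second save leaves the JWT blacklisted while its stored record is still neither expired nor revoked. Which of the two stores the authentication filter consults is not visible on this page, so whether such a token would still be accepted has to be checked there; putting `@Transactional` on `logout` (or moving the update into one transactional service method) keeps both stores consistent. The `existsByToken` check followed by `save` is also a check-then-act sequence, so two concurrent logout requests carrying the same token can both pass it unless the blacklist token column has a unique constraint. Separately, the handler commits the response itself, but Spring Security's `LogoutFilter` still invokes the configured `LogoutSuccessHandler` afterwards, including after the 401 paths, so the response writing would sit better in that success handler with `LogoutService` limited to the state changes.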
