Merge pull request #141 from Katchup-dev/fix/#140-reissue-token

[FIX] 토큰 재발급 API

src/main/java/site/katchup/katchupserver/api/member/repository/MemberRepository.java

@@ -9,10 +9,9 @@
 
 public interface MemberRepository extends JpaRepository<Member, Long> {
     Optional<Member> findByEmail(String email);
+    Optional<Member> findByRefreshToken(String refreshToken);
     boolean existsByEmail(String email);
 
-    boolean existsByIdAndRefreshToken(Long id, String refreshToken);
-
     default Member findByEmailOrThrow(String email) {
         return findByEmail(email)
                 .orElseThrow(() -> new UnauthorizedException(ErrorCode.INVALID_MEMBER));
@@ -22,4 +21,10 @@ default Member findByIdOrThrow(Long memberId) {
         return findById(memberId)
                 .orElseThrow(() -> new UnauthorizedException(ErrorCode.INVALID_MEMBER));
     }
+
+    default Member findByRefreshTokenOrThrow(String refreshToken) {
+        return findByRefreshToken(refreshToken)
+                .orElseThrow(() -> new UnauthorizedException(ErrorCode.INVALID_MEMBER));
+    }
+
 }

src/main/java/site/katchup/katchupserver/config/jwt/JwtAuthenticationFilter.java

@@ -40,9 +40,8 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
                         return;
                     } else if (jwtTokenProvider.validateToken(refreshToken) == JwtExceptionType.VALID_JWT_TOKEN) {
                         // 토큰 재발급
-                        Long memberId = jwtTokenProvider.validateMemberRefreshToken(accessToken, refreshToken);
+                        Long memberId = jwtTokenProvider.validateMemberRefreshToken(refreshToken);
                         Authentication authentication = new UserAuthentication(memberId, null, null);
-
                         String newAccessToken = jwtTokenProvider.generateAccessToken(authentication);
 
                         setAuthentication(newAccessToken);

src/main/java/site/katchup/katchupserver/config/jwt/JwtTokenProvider.java

@@ -9,9 +9,8 @@
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;
+import site.katchup.katchupserver.api.member.domain.Member;
 import site.katchup.katchupserver.api.member.repository.MemberRepository;
-import site.katchup.katchupserver.common.exception.UnauthorizedException;
-import site.katchup.katchupserver.common.response.ErrorCode;
 
 import java.security.Key;
 import java.util.Date;
@@ -112,12 +111,8 @@ private Key getSignKey() {
         return Keys.hmacShaKeyFor(keyBytes);
     }
 
-    public Long validateMemberRefreshToken(String accessToken, String refreshToken) {
-        Claims claims = getAccessTokenPayload(accessToken);
-        Long memberId = Long.valueOf(String.valueOf(claims.get("memberId")));
-        if (!memberRepository.existsByIdAndRefreshToken(memberId, refreshToken)) {
-            throw new UnauthorizedException(ErrorCode.INVALID_MEMBER);
-        }
-        return memberId;
+    public Long validateMemberRefreshToken(String refreshToken) {
+        Member member = memberRepository.findByRefreshTokenOrThrow(refreshToken);
+        return member.getId();
     }
 }