Skip to content

[Feat] User 테이블에 엑세스토큰 저장하게하여 다중로그인 방지 (임시처리) #229

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jjjh02 merged 1 commit into from
Aug 10, 2025
Merged

[Feat] User 테이블에 엑세스토큰 저장하게하여 다중로그인 방지 (임시처리) #229

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions ontime-back/src/main/java/devkor/ontime_back/entity/User.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ public class User {

private String socialId; // 로그인한 소셜 타입의 식별자 값 (일반 로그인인 경우 null)

private String accessToken; // accessToken

private String refreshToken; // refreshToken

private String firebaseToken;
Expand Down Expand Up @@ -126,4 +128,8 @@ public void updateNote(String note) {
public void updateFirebaseToken(String firebaseToken) {
this.firebaseToken = firebaseToken;
}

public void updateAccessToken(String accessToken) {
this.accessToken = accessToken;
}
}
2 changes: 1 addition & 1 deletion ...ack/src/main/java/devkor/ontime_back/global/generallogin/handler/LoginSuccessHandler.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
// 수정된 부분: 응답 헤더에 AccessToken, RefreshToken 실어서 응답
jwtTokenProvider.sendAccessAndRefreshToken(response, accessToken, refreshToken);

// 수정된 부분: RefreshToken을 User 엔티티에 업데이트 후 저장
user.updateAccessToken(accessToken);
user.updateRefreshToken(refreshToken);
userRepository.saveAndFlush(user);

Expand Down
2 changes: 2 additions & 0 deletions ontime-back/src/main/java/devkor/ontime_back/global/jwt/JwtTokenProvider.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,8 @@ public boolean isTokenValid(String token) {

public boolean isAccessTokenValid(String token) {
try {
userRepository.findByAccessToken(token)
.orElseThrow(() -> new InvalidAccessTokenException("유효하지 않은 엑세스 토큰입니다."));
JWT.require(Algorithm.HMAC512(secretKey)).build().verify(token);
log.info("유효한 엑세스 토큰입니다.");
return true;
Expand Down
2 changes: 2 additions & 0 deletions ontime-back/src/main/java/devkor/ontime_back/repository/UserRepository.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,4 +23,6 @@ public interface UserRepository extends JpaRepository<User, Long> {

@Query("SELECT u.spareTime FROM User u WHERE u.id = :id")
Integer findSpareTimeById(Long id);

Optional<Object> findByAccessToken(String token);
}
1 change: 1 addition & 0 deletions ontime-back/src/main/resources/db/migration/V4__add_field_accesstoken_to_user.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ALTER TABLE user ADD COLUMN access_token VARCHAR(255);