Add Refresh Token API
This commit is contained in:
Hanif
@@ -1,6 +1,7 @@
|
|||||||
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.controllers;
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.controllers;
|
||||||
|
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.ERole;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.ERole;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.RefreshToken;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.Role;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.Role;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.User;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.User;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.payload.request.LoginRequest;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.payload.request.LoginRequest;
|
||||||
@@ -8,9 +9,12 @@ import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.payload.requ
|
|||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.payload.response.MessageResponse;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.payload.response.MessageResponse;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.payload.response.UserInfoResponse;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.payload.response.UserInfoResponse;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.JwtUtils;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.JwtUtils;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.exception.TokenRefreshException;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.repository.RoleRepository;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.repository.RoleRepository;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.repository.UserRepository;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.repository.UserRepository;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.service.RefreshTokenService;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.service.UserDetailsImpl;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.service.UserDetailsImpl;
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.validation.Valid;
|
import jakarta.validation.Valid;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpHeaders;
|
||||||
@@ -19,12 +23,14 @@ import org.springframework.http.ResponseEntity;
|
|||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Objects;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
@@ -48,6 +54,9 @@ public class AuthController {
|
|||||||
@Autowired
|
@Autowired
|
||||||
JwtUtils jwtUtils;
|
JwtUtils jwtUtils;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
RefreshTokenService refreshTokenService;
|
||||||
|
|
||||||
@PostMapping("/signup")
|
@PostMapping("/signup")
|
||||||
public ResponseEntity<?> registerUser(@Valid @RequestBody SignupRequest signUpRequest) {
|
public ResponseEntity<?> registerUser(@Valid @RequestBody SignupRequest signUpRequest) {
|
||||||
if (userRepository.existsByUsername(signUpRequest.getUsername())) {
|
if (userRepository.existsByUsername(signUpRequest.getUsername())) {
|
||||||
@@ -103,20 +112,55 @@ public class AuthController {
|
|||||||
ResponseCookie jwtCookie = jwtUtils.generateJwtCookie(userDetails);
|
ResponseCookie jwtCookie = jwtUtils.generateJwtCookie(userDetails);
|
||||||
|
|
||||||
List<String> roles = userDetails.getAuthorities().stream()
|
List<String> roles = userDetails.getAuthorities().stream()
|
||||||
.map(item -> item.getAuthority())
|
.map(GrantedAuthority::getAuthority)
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
return ResponseEntity.ok().header(HttpHeaders.SET_COOKIE, jwtCookie.toString())
|
RefreshToken refreshToken = refreshTokenService.createRefreshToken(userDetails.getId());
|
||||||
.body(new UserInfoResponse(userDetails.getId(),
|
|
||||||
userDetails.getUsername(),
|
ResponseCookie jwtRefreshCookie = jwtUtils.generateRefreshJwtCookie(refreshToken.getToken());
|
||||||
userDetails.getEmail(),
|
|
||||||
roles));
|
return ResponseEntity.ok()
|
||||||
|
.header(HttpHeaders.SET_COOKIE, jwtCookie.toString())
|
||||||
|
.header(HttpHeaders.SET_COOKIE, jwtRefreshCookie.toString())
|
||||||
|
.body(new UserInfoResponse(userDetails.getId(), userDetails.getUsername(), userDetails.getEmail(), roles));
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/signout")
|
@PostMapping("/signout")
|
||||||
public ResponseEntity<?> logoutUser() {
|
public ResponseEntity<?> logoutUser() {
|
||||||
ResponseCookie cookie = jwtUtils.getCleanJwtCookie();
|
Object principle = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
||||||
return ResponseEntity.ok().header(HttpHeaders.SET_COOKIE, cookie.toString())
|
if (!Objects.equals(principle.toString(), "anonymousUser")) {
|
||||||
|
Long userId = ((UserDetailsImpl) principle).getId();
|
||||||
|
refreshTokenService.deleteByUserId(userId);
|
||||||
|
}
|
||||||
|
|
||||||
|
ResponseCookie jwtCookie = jwtUtils.getCleanJwtCookie();
|
||||||
|
ResponseCookie jwtRefreshCookie = jwtUtils.getCleanJwtRefreshCookie();
|
||||||
|
|
||||||
|
return ResponseEntity.ok()
|
||||||
|
.header(HttpHeaders.SET_COOKIE, jwtCookie.toString())
|
||||||
|
.header(HttpHeaders.SET_COOKIE, jwtRefreshCookie.toString())
|
||||||
.body(new MessageResponse("You've been signed out!"));
|
.body(new MessageResponse("You've been signed out!"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@PostMapping("/refresh-token")
|
||||||
|
public ResponseEntity<?> refreshToken(HttpServletRequest request) {
|
||||||
|
String refreshToken = jwtUtils.getJwtRefreshFromCookies(request);
|
||||||
|
|
||||||
|
if ((refreshToken != null) && (refreshToken.length() > 0)) {
|
||||||
|
return refreshTokenService.findByToken(refreshToken)
|
||||||
|
.map(refreshTokenService::verifyExpiration)
|
||||||
|
.map(RefreshToken::getUser)
|
||||||
|
.map(user -> {
|
||||||
|
ResponseCookie jwtCookie = jwtUtils.generateJwtCookie(user);
|
||||||
|
|
||||||
|
return ResponseEntity.ok()
|
||||||
|
.header(HttpHeaders.SET_COOKIE, jwtCookie.toString())
|
||||||
|
.body(new MessageResponse("Token is refreshed successfully!"));
|
||||||
|
})
|
||||||
|
.orElseThrow(() -> new TokenRefreshException(refreshToken,
|
||||||
|
"Refresh token is not in database!"));
|
||||||
|
}
|
||||||
|
|
||||||
|
return ResponseEntity.badRequest().body(new MessageResponse("Refresh Token is empty!"));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,65 @@
|
|||||||
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data;
|
||||||
|
|
||||||
|
import jakarta.persistence.*;
|
||||||
|
|
||||||
|
import java.time.Instant;
|
||||||
|
|
||||||
|
@Entity(name = "refresh_token")
|
||||||
|
public class RefreshToken {
|
||||||
|
|
||||||
|
@Id
|
||||||
|
@GeneratedValue(strategy = GenerationType.AUTO)
|
||||||
|
private Long id;
|
||||||
|
|
||||||
|
@OneToOne
|
||||||
|
@JoinColumn(name = "user_id", referencedColumnName = "id")
|
||||||
|
private User user;
|
||||||
|
|
||||||
|
@Column(nullable = false, unique = true)
|
||||||
|
private String token;
|
||||||
|
|
||||||
|
@Column(nullable = false)
|
||||||
|
private Instant expirationDate;
|
||||||
|
|
||||||
|
public RefreshToken() {
|
||||||
|
}
|
||||||
|
|
||||||
|
public RefreshToken(Long id, User user, String token, Instant expirationDate) {
|
||||||
|
this.id = id;
|
||||||
|
this.user = user;
|
||||||
|
this.token = token;
|
||||||
|
this.expirationDate = expirationDate;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Long getId() {
|
||||||
|
return id;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setId(Long id) {
|
||||||
|
this.id = id;
|
||||||
|
}
|
||||||
|
|
||||||
|
public User getUser() {
|
||||||
|
return user;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUser(User user) {
|
||||||
|
this.user = user;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getToken() {
|
||||||
|
return token;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setToken(String token) {
|
||||||
|
this.token = token;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Instant getExpirationDate() {
|
||||||
|
return expirationDate;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setExpirationDate(Instant expirationDate) {
|
||||||
|
this.expirationDate = expirationDate;
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -1,5 +1,6 @@
|
|||||||
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt;
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt;
|
||||||
|
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.User;
|
||||||
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.service.UserDetailsImpl;
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.service.UserDetailsImpl;
|
||||||
import io.jsonwebtoken.*;
|
import io.jsonwebtoken.*;
|
||||||
import io.jsonwebtoken.io.Decoders;
|
import io.jsonwebtoken.io.Decoders;
|
||||||
@@ -30,26 +31,40 @@ public class JwtUtils {
|
|||||||
@Value("${spring.app.jwtCookieName}")
|
@Value("${spring.app.jwtCookieName}")
|
||||||
private String jwtCookie;
|
private String jwtCookie;
|
||||||
|
|
||||||
|
@Value("${spring.app.jwtRefreshCookieName}")
|
||||||
|
private String jwtRefreshCookie;
|
||||||
|
|
||||||
public String getJwtFromCookies(HttpServletRequest request) {
|
public String getJwtFromCookies(HttpServletRequest request) {
|
||||||
Cookie cookie = WebUtils.getCookie(request, jwtCookie);
|
return getCookieValueByName(request, jwtCookie);
|
||||||
if (cookie != null) {
|
}
|
||||||
return cookie.getValue();
|
|
||||||
} else {
|
public String getJwtRefreshFromCookies(HttpServletRequest request) {
|
||||||
return null;
|
return getCookieValueByName(request, jwtRefreshCookie);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public ResponseCookie getCleanJwtCookie() {
|
||||||
|
return ResponseCookie.from(jwtCookie, null).path("/api").build();
|
||||||
|
}
|
||||||
|
|
||||||
|
public ResponseCookie getCleanJwtRefreshCookie() {
|
||||||
|
return ResponseCookie.from(jwtRefreshCookie, null).path("/api/auth/refresh-token").build();
|
||||||
}
|
}
|
||||||
|
|
||||||
public ResponseCookie generateJwtCookie(UserDetailsImpl userDetails) {
|
public ResponseCookie generateJwtCookie(UserDetailsImpl userDetails) {
|
||||||
String jwt = generateTokenFromUsername(userDetails.getUsername());
|
String jwt = generateTokenFromUsername(userDetails.getUsername());
|
||||||
ResponseCookie cookie = ResponseCookie.from(jwtCookie, jwt).path("/api").maxAge(24 * 60 * 60).httpOnly(true).build();
|
return generateCookie(jwtCookie, jwt, "/api");
|
||||||
return cookie;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public ResponseCookie getCleanJwtCookie() {
|
public ResponseCookie generateJwtCookie(User user) {
|
||||||
ResponseCookie cookie = ResponseCookie.from(jwtCookie, null).path("/api").build();
|
String jwt = generateTokenFromUsername(user.getUsername());
|
||||||
return cookie;
|
return generateCookie(jwtCookie, jwt, "/api");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public ResponseCookie generateRefreshJwtCookie(String refreshToken) {
|
||||||
|
return generateCookie(jwtRefreshCookie, refreshToken, "/api/auth/refresh-token");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public String getUserNameFromJwtToken(String token) {
|
public String getUserNameFromJwtToken(String token) {
|
||||||
return Jwts.parserBuilder().setSigningKey(key()).build()
|
return Jwts.parserBuilder().setSigningKey(key()).build()
|
||||||
.parseClaimsJws(token).getBody().getSubject();
|
.parseClaimsJws(token).getBody().getSubject();
|
||||||
@@ -84,4 +99,17 @@ public class JwtUtils {
|
|||||||
.signWith(key(), SignatureAlgorithm.HS256)
|
.signWith(key(), SignatureAlgorithm.HS256)
|
||||||
.compact();
|
.compact();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private ResponseCookie generateCookie(String name, String value, String path) {
|
||||||
|
return ResponseCookie.from(name, value).path(path).maxAge(24 * 60 * 60).httpOnly(true).build();
|
||||||
|
}
|
||||||
|
|
||||||
|
private String getCookieValueByName(HttpServletRequest request, String name) {
|
||||||
|
Cookie cookie = WebUtils.getCookie(request, name);
|
||||||
|
if (cookie != null) {
|
||||||
|
return cookie.getValue();
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,26 @@
|
|||||||
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.advice;
|
||||||
|
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.exception.ErrorMessage;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.exception.TokenRefreshException;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||||
|
import org.springframework.web.bind.annotation.ResponseStatus;
|
||||||
|
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||||
|
import org.springframework.web.context.request.WebRequest;
|
||||||
|
|
||||||
|
import java.util.Date;
|
||||||
|
|
||||||
|
@RestControllerAdvice
|
||||||
|
public class TokenControllerAdvice {
|
||||||
|
|
||||||
|
@ExceptionHandler(value = TokenRefreshException.class)
|
||||||
|
@ResponseStatus(HttpStatus.FORBIDDEN)
|
||||||
|
public ErrorMessage handleTokenRefreshException(TokenRefreshException ex, WebRequest request) {
|
||||||
|
return new ErrorMessage(
|
||||||
|
HttpStatus.FORBIDDEN.value(),
|
||||||
|
new Date(),
|
||||||
|
ex.getMessage(),
|
||||||
|
request.getDescription(false)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,34 @@
|
|||||||
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.exception;
|
||||||
|
|
||||||
|
import java.util.Date;
|
||||||
|
|
||||||
|
public class ErrorMessage {
|
||||||
|
|
||||||
|
private int statusCode;
|
||||||
|
private Date timestamp;
|
||||||
|
private String message;
|
||||||
|
private String description;
|
||||||
|
|
||||||
|
public ErrorMessage(int statusCode, Date timestamp, String message, String description) {
|
||||||
|
this.statusCode = statusCode;
|
||||||
|
this.timestamp = timestamp;
|
||||||
|
this.message = message;
|
||||||
|
this.description = description;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getStatusCode() {
|
||||||
|
return statusCode;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Date getTimestamp() {
|
||||||
|
return timestamp;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getMessage() {
|
||||||
|
return message;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getDescription() {
|
||||||
|
return description;
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,14 @@
|
|||||||
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.exception;
|
||||||
|
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.web.bind.annotation.ResponseStatus;
|
||||||
|
|
||||||
|
@ResponseStatus(HttpStatus.FORBIDDEN)
|
||||||
|
public class TokenRefreshException extends RuntimeException {
|
||||||
|
|
||||||
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
|
public TokenRefreshException(String token, String message) {
|
||||||
|
super(String.format("Failed for [%s]: %s", token, message));
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,18 @@
|
|||||||
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.repository;
|
||||||
|
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.RefreshToken;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.User;
|
||||||
|
import org.springframework.data.jpa.repository.JpaRepository;
|
||||||
|
import org.springframework.data.jpa.repository.Modifying;
|
||||||
|
import org.springframework.stereotype.Repository;
|
||||||
|
|
||||||
|
import java.util.Optional;
|
||||||
|
|
||||||
|
@Repository
|
||||||
|
public interface RefreshTokenRepository extends JpaRepository<RefreshToken, Long> {
|
||||||
|
|
||||||
|
Optional<RefreshToken> findByToken(String token);
|
||||||
|
|
||||||
|
@Modifying
|
||||||
|
int deleteByUser(User user);
|
||||||
|
}
|
||||||
@@ -0,0 +1,57 @@
|
|||||||
|
package com.hakimfauzi23.boilerplatespringsecurity.modules.auth.service;
|
||||||
|
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.data.RefreshToken;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.jwt.exception.TokenRefreshException;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.repository.RefreshTokenRepository;
|
||||||
|
import com.hakimfauzi23.boilerplatespringsecurity.modules.auth.repository.UserRepository;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
|
|
||||||
|
import java.time.Instant;
|
||||||
|
import java.util.Optional;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
|
@Service
|
||||||
|
public class RefreshTokenService {
|
||||||
|
|
||||||
|
@Value("${spring.app.jwtRefreshExpirationMs}")
|
||||||
|
private Long refreshTokenDurationMs;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private RefreshTokenRepository refreshTokenRepository;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private UserRepository userRepository;
|
||||||
|
|
||||||
|
public Optional<RefreshToken> findByToken(String token) {
|
||||||
|
return refreshTokenRepository.findByToken(token);
|
||||||
|
}
|
||||||
|
|
||||||
|
public RefreshToken createRefreshToken(Long userId) {
|
||||||
|
RefreshToken refreshToken = new RefreshToken();
|
||||||
|
|
||||||
|
refreshToken.setUser(userRepository.findById(userId).get());
|
||||||
|
refreshToken.setExpirationDate(Instant.now().plusMillis(refreshTokenDurationMs));
|
||||||
|
refreshToken.setToken(UUID.randomUUID().toString());
|
||||||
|
|
||||||
|
refreshToken = refreshTokenRepository.save(refreshToken);
|
||||||
|
return refreshToken;
|
||||||
|
}
|
||||||
|
|
||||||
|
public RefreshToken verifyExpiration(RefreshToken token) {
|
||||||
|
if (token.getExpirationDate().compareTo(Instant.now()) < 0) {
|
||||||
|
refreshTokenRepository.delete(token);
|
||||||
|
throw new TokenRefreshException(token.getToken(), "Refresh token was expired!. Please make a new signin request");
|
||||||
|
}
|
||||||
|
|
||||||
|
return token;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Transactional
|
||||||
|
public int deleteByUserId(Long userId) {
|
||||||
|
return refreshTokenRepository.deleteByUser(userRepository.findById(userId).get());
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
@@ -5,5 +5,7 @@ spring.jpa.hibernate.ddl-auto= update
|
|||||||
|
|
||||||
# App Properties
|
# App Properties
|
||||||
spring.app.jwtCookieName= cookie-jwt-for-security
|
spring.app.jwtCookieName= cookie-jwt-for-security
|
||||||
|
spring.app.jwtRefreshCookieName= cookie-refresh-jwt-for-security
|
||||||
spring.app.jwtSecret= 9sL3p2mGzN7oR4Dx8QcY1uKwF5BhVtX6EaJgU3iZqOyMlIbCnAeHrWfPd0
|
spring.app.jwtSecret= 9sL3p2mGzN7oR4Dx8QcY1uKwF5BhVtX6EaJgU3iZqOyMlIbCnAeHrWfPd0
|
||||||
spring.app.jwtExpirationMs= 86400000
|
spring.app.jwtExpirationMs= 86400000
|
||||||
|
spring.app.jwtRefreshExpirationMs= 259200000
|
||||||
Reference in New Issue
Block a user