Added refresh token endpoint
This commit is contained in:
Filip Izydorczyk
parent
7f630ccdac
commit
61c5a43192
|
|
@ -1,6 +1,7 @@
|
|||
package com.plannaplan.entities;
|
||||
|
||||
import java.sql.Timestamp;
|
||||
import java.util.UUID;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import javax.persistence.Entity;
|
||||
|
|
@ -28,6 +29,7 @@ public class User {
|
|||
private String usosId;
|
||||
private UserRoles role;
|
||||
private String token;
|
||||
private String refreshToken;
|
||||
private Timestamp tokenUsageDate;
|
||||
|
||||
public User() {
|
||||
|
|
@ -105,6 +107,13 @@ public class User {
|
|||
return token;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return token needed to call refresh token after it expired
|
||||
*/
|
||||
public String getRefreshToken() {
|
||||
return refreshToken;
|
||||
}
|
||||
|
||||
/**
|
||||
* token seter. Sets token and automaticly set time when was set
|
||||
*
|
||||
|
|
@ -113,6 +122,7 @@ public class User {
|
|||
public void setToken(String token) {
|
||||
this.tokenUsageDate = new Timestamp(System.currentTimeMillis());
|
||||
this.token = token;
|
||||
this.refreshToken = UUID.randomUUID().toString();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -38,6 +38,9 @@ public interface UserRepository extends JpaRepository<User, Long> {
|
|||
@Query("FROM User WHERE email = ?1")
|
||||
Optional<User> getByAuthority(@Param("authority") String authority);
|
||||
|
||||
@Query("FROM User WHERE refreshToken = ?1")
|
||||
Optional<User> getByRefreshToken(@Param("refreshToken") String refreshToken);
|
||||
|
||||
@Query("FROM User WHERE token = ?1")
|
||||
Optional<User> getByToken(@Param("token") String token);
|
||||
|
||||
|
|
|
|||
|
|
@ -1,22 +1,17 @@
|
|||
package com.plannaplan.services;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
// import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.scheduling.annotation.Scheduled;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class EventService {
|
||||
|
||||
@Autowired
|
||||
private EmailService emailService;
|
||||
// @Autowired
|
||||
// private EmailService emailService;
|
||||
|
||||
@Scheduled(cron = "0 2 17 * * *")
|
||||
public void collectGroupLosses() {
|
||||
System.out.println("Checking for groups");
|
||||
}
|
||||
|
||||
@Scheduled(cron = "0 5 18 * * *")
|
||||
public void testMail() {
|
||||
this.emailService.sendMail("kaczor982@gmail.com", "Cześć. Jestem Tomek.");
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -81,4 +81,8 @@ public class UserService {
|
|||
return this.repo.getAllByRole(UserRoles.STUDENT);
|
||||
}
|
||||
|
||||
public Optional<User> getUserByRefreshToken(String refreshToken) {
|
||||
return this.repo.getByRefreshToken(refreshToken);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,5 +1,7 @@
|
|||
package com.plannaplan.controllers;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
import com.plannaplan.entities.User;
|
||||
import com.plannaplan.exceptions.UserNotFoundException;
|
||||
import com.plannaplan.responses.models.TokenResponse;
|
||||
|
|
@ -61,4 +63,16 @@ public class TokenController {
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
@GetMapping("/token/refresh")
|
||||
@ApiOperation(value = "Endpoint to access new token based on refresh token. It's needed when request with provided token fail with code 403")
|
||||
public ResponseEntity<TokenResponse> getRefreshToken(
|
||||
@RequestParam("refreshToken") @ApiParam(value = "Refresh token obtained in /token request") final String refreshToken) {
|
||||
User user = this.userService.getUserByRefreshToken(refreshToken)
|
||||
.orElseThrow(() -> new NullPointerException("User not found"));
|
||||
user.setToken(UUID.randomUUID().toString());
|
||||
user = this.userService.save(user);
|
||||
return new ResponseEntity<>(new TokenResponse(user), HttpStatus.OK);
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ import io.swagger.annotations.ApiModelProperty;
|
|||
public class TokenResponse {
|
||||
@ApiModelProperty(value = "user token used to verify requests")
|
||||
private String token;
|
||||
@ApiModelProperty(value = "user token needed to refresh")
|
||||
private String refreshToken;
|
||||
@ApiModelProperty(value = "user id in database")
|
||||
private Long id;
|
||||
@ApiModelProperty(value = "user app role")
|
||||
|
|
@ -21,6 +23,7 @@ public class TokenResponse {
|
|||
this.authorityRole = user.getRole().toString();
|
||||
this.email = user.getEmail();
|
||||
this.token = user.getToken();
|
||||
this.refreshToken = user.getRefreshToken();
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
|
|
@ -39,4 +42,8 @@ public class TokenResponse {
|
|||
return token;
|
||||
}
|
||||
|
||||
public String getRefreshToken() {
|
||||
return this.refreshToken;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,9 +37,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
|
||||
@Override
|
||||
public void configure(final WebSecurity webSecurity) {
|
||||
webSecurity.ignoring().antMatchers("/token**").antMatchers("/api/v1/courses/all")
|
||||
.antMatchers("/api/v1/groups/course/{id}").antMatchers("/v2/api-docs", "/configuration/ui",
|
||||
"/swagger-resources/**", "/configuration/security", "/swagger-ui.html", "/webjars/**");
|
||||
webSecurity.ignoring().antMatchers("/token**").antMatchers("/token/refresh**")
|
||||
.antMatchers("/api/v1/courses/all").antMatchers("/api/v1/groups/course/{id}")
|
||||
.antMatchers("/v2/api-docs", "/configuration/ui", "/swagger-resources/**", "/configuration/security",
|
||||
"/swagger-ui.html", "/webjars/**");
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
Loading…
Reference in New Issue