Refactor #81 jwt role 추가

src/main/java/leets/weeth/domain/user/application/exception/EmailNotFoundException.java

@@ -0,0 +1,9 @@
+package leets.weeth.domain.user.application.exception;
+
+import leets.weeth.global.common.exception.BusinessLogicException;
+
+public class EmailNotFoundException extends BusinessLogicException {
+    public EmailNotFoundException() {
+        super(404, "Redis에 저장된 email이 없습니다.");
+    }
+}

src/main/java/leets/weeth/domain/user/application/exception/RoleNotFoundException.java

@@ -0,0 +1,9 @@
+package leets.weeth.domain.user.application.exception;
+
+import leets.weeth.global.common.exception.BusinessLogicException;
+
+public class RoleNotFoundException extends BusinessLogicException {
+    public RoleNotFoundException() {
+        super(404, "Redis에 저장된 role이 없습니다.");
+    }
+}

src/main/java/leets/weeth/domain/user/application/usecase/UserManageUseCase.java

@@ -6,5 +6,5 @@
 import static leets.weeth.domain.user.application.dto.request.UserRequestDto.refreshRequest;
 
 public interface UserManageUseCase {
-    JwtDto refresh(refreshRequest dto, HttpServletRequest request);
+    JwtDto refresh(HttpServletRequest request);
 }

src/main/java/leets/weeth/domain/user/application/usecase/UserManageUseCaseImpl.java

@@ -18,11 +18,11 @@ public class UserManageUseCaseImpl implements UserManageUseCase {
 
     @Override
     @Transactional
-    public JwtDto refresh(refreshRequest dto, HttpServletRequest request) {
+    public JwtDto refresh(HttpServletRequest request) {
 
-        JwtDto token = jwtManageUseCase.reIssueToken(dto.email(), request);
+        JwtDto token = jwtManageUseCase.reIssueToken(request);
 
-        log.info("RefreshToken 발급 완료: {}", dto.email());
+        log.info("RefreshToken 발급 완료: {}", token);
         return new JwtDto(token.accessToken(), token.refreshToken());
     }
 

src/main/java/leets/weeth/domain/user/application/usecase/UserUseCaseImpl.java

@@ -76,15 +76,15 @@ private SocialLoginResponse registerUser(String email) {
                 .build();
         userSaveService.save(user);
 
-        JwtDto dto = jwtManageUseCase.create(user.getId(), email);
+        JwtDto dto = jwtManageUseCase.create(user.getId(), email, user.getRole());
 
         return new SocialLoginResponse(user.getId(), REGISTER, dto.accessToken(), dto.refreshToken());
     }
 
     private SocialLoginResponse login(String email) {
         User user = userGetService.find(email);
 
-        JwtDto dto = jwtManageUseCase.create(user.getId(), email);
+        JwtDto dto = jwtManageUseCase.create(user.getId(), email, user.getRole());
 
         return new SocialLoginResponse(user.getId(), LOGIN, dto.accessToken(), dto.refreshToken());
     }
@@ -158,20 +158,21 @@ public void accept(Long userId) {
     public void update(Long userId, String role) {
         User user = userGetService.find(userId);
         userUpdateService.update(user, role);
+        jwtRedisService.updateRole(user.getId(), role);
     }
 
     @Override
     public void leave(Long userId) {
         User user = userGetService.find(userId);
         // 탈퇴하는 경우 리프레시 토큰 삭제
-        jwtRedisService.delete(user.getEmail());
+        jwtRedisService.delete(user.getId());
         userDeleteService.leave(user);
     }
 
     @Override
     public void ban(Long userId) {
         User user = userGetService.find(userId);
-        jwtRedisService.delete(user.getEmail());
+        jwtRedisService.delete(user.getId());
         userDeleteService.ban(user);
     }
 

src/main/java/leets/weeth/domain/user/presentation/UserController.java

@@ -92,7 +92,7 @@ public CommonResponse<Void> leave(@Parameter(hidden = true) @CurrentUser Long us
 
     @PostMapping("/refresh")
     @Operation(summary = "JWT 토큰 재발급 API")
-    public CommonResponse<JwtDto> refresh(@Valid @RequestBody refreshRequest dto, HttpServletRequest request) {
-        return CommonResponse.createSuccess(JWT_REFRESH_SUCCESS.getMessage(), userManageUseCase.refresh(dto, request));
+    public CommonResponse<JwtDto> refresh(HttpServletRequest request) {
+        return CommonResponse.createSuccess(JWT_REFRESH_SUCCESS.getMessage(), userManageUseCase.refresh(request));
     }
 }

src/main/java/leets/weeth/global/auth/jwt/application/usecase/JwtManageUseCase.java

@@ -2,6 +2,7 @@
 
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import leets.weeth.domain.user.domain.entity.enums.Role;
 import leets.weeth.global.auth.jwt.application.dto.JwtDto;
 import leets.weeth.global.auth.jwt.service.JwtRedisService;
 import leets.weeth.global.auth.jwt.service.JwtProvider;
@@ -20,11 +21,11 @@ public class JwtManageUseCase {
     private final JwtRedisService jwtRedisService;
 
     // 토큰 발급
-    public JwtDto create(Long id, String email){
-        String accessToken = jwtProvider.createAccessToken(id, email);
-        String refreshToken = jwtProvider.createRefreshToken(id);
+    public JwtDto create(Long userId, String email, Role role){
+        String accessToken = jwtProvider.createAccessToken(userId, email, role);
+        String refreshToken = jwtProvider.createRefreshToken(userId);
 
-        updateToken(email, refreshToken);
+        updateToken(userId, refreshToken, role, email);
 
         return new JwtDto(accessToken, refreshToken);
     }
@@ -35,23 +36,26 @@ public void sendToken(JwtDto dto, HttpServletResponse response) throws IOExcepti
     }
 
     // 토큰 재발급
-    public JwtDto reIssueToken(String email, HttpServletRequest request){
+    public JwtDto reIssueToken(HttpServletRequest request){
         String requestToken = jwtService.extractRefreshToken(request);
         jwtProvider.validate(requestToken);
 
         Long userId = jwtService.extractId(requestToken).get();
 
-        jwtRedisService.validateRefreshToken(email, requestToken);
+        jwtRedisService.validateRefreshToken(userId, requestToken);
 
-        JwtDto token = create(userId, email);
-        jwtRedisService.set(email, token.refreshToken());
+        Role role = jwtRedisService.getRole(userId);
+        String email = jwtRedisService.getEmail(userId);
+
+        JwtDto token = create(userId, email, role);
+        jwtRedisService.set(userId, token.refreshToken(), role, email);
 
         return token;
     }
 
     // 리프레시 토큰 업데이트
-    private void updateToken(String email, String refreshToken){
-        jwtRedisService.set(email, refreshToken);
+    private void updateToken(long userId, String refreshToken, Role role, String email){
+        jwtRedisService.set(userId, refreshToken, role, email);
     }
 
 }

src/main/java/leets/weeth/global/auth/jwt/filter/JwtAuthenticationProcessingFilter.java

@@ -5,6 +5,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import leets.weeth.domain.user.domain.entity.User;
+import leets.weeth.domain.user.domain.entity.enums.Role;
 import leets.weeth.domain.user.domain.service.UserGetService;
 import leets.weeth.global.auth.jwt.exception.TokenNotFoundException;
 import leets.weeth.global.auth.jwt.service.JwtProvider;
@@ -44,7 +45,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             String accessToken = jwtService.extractAccessToken(request)
                     .orElseThrow(TokenNotFoundException::new);
             if (jwtProvider.validate(accessToken)) {
-                saveAuthentication(find(accessToken));
+                saveAuthentication(accessToken);
             }
         } catch (RuntimeException e) {
             log.info("error token: {}", e.getMessage());
@@ -54,12 +55,15 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
     }
 
-    public void saveAuthentication(User myUser) {
+    public void saveAuthentication(String accessToken) {
+
+        String email = jwtService.extractEmail(accessToken).get();
+        Role role = Role.valueOf(jwtService.extractRole(accessToken).get());
 
         UserDetails userDetailsUser = org.springframework.security.core.userdetails.User.builder()
-                .username(myUser.getEmail())
+                .username(email)
                 .password(DUMMY)
-                .roles(myUser.getRole().name())
+                .roles(role.name())
                 .build();
 
         UsernamePasswordAuthenticationToken authentication =
@@ -68,9 +72,4 @@ public void saveAuthentication(User myUser) {
 
         SecurityContextHolder.getContext().setAuthentication(authentication);
     }
-
-    private User find(String accessToken) {
-        String email = jwtService.extractEmail(accessToken).get();
-        return userGetService.find(email);
-    }
 }

src/main/java/leets/weeth/global/auth/jwt/service/JwtProvider.java

@@ -2,6 +2,7 @@
 
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.algorithms.Algorithm;
+import leets.weeth.domain.user.domain.entity.enums.Role;
 import leets.weeth.global.auth.jwt.exception.InvalidTokenException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
@@ -17,6 +18,7 @@ public class JwtProvider {
     private static final String REFRESH_TOKEN_SUBJECT = "RefreshToken";
     private static final String EMAIL_CLAIM = "email";
     private static final String ID_CLAIM = "id";
+    private static final String ROLE_CLAIM = "role";
 
     @Value("${weeth.jwt.key}")
     private String key;
@@ -25,13 +27,14 @@ public class JwtProvider {
     @Value("${weeth.jwt.refresh.expiration}")
     private Long refreshTokenExpirationPeriod;
 
-    public String createAccessToken(Long id, String email) {
+    public String createAccessToken(Long id, String email, Role role) {
         Date now = new Date();
         return JWT.create()
                 .withSubject(ACCESS_TOKEN_SUBJECT)
                 .withExpiresAt(new Date(now.getTime() + accessTokenExpirationPeriod))
                 .withClaim(ID_CLAIM, id)
                 .withClaim(EMAIL_CLAIM, email)
+                .withClaim(ROLE_CLAIM, role.toString())
                 .sign(Algorithm.HMAC512(key));
     }
 

src/main/java/leets/weeth/global/auth/jwt/service/JwtRedisService.java

@@ -1,5 +1,8 @@
 package leets.weeth.global.auth.jwt.service;
 
+import leets.weeth.domain.user.application.exception.EmailNotFoundException;
+import leets.weeth.domain.user.application.exception.RoleNotFoundException;
+import leets.weeth.domain.user.domain.entity.enums.Role;
 import leets.weeth.global.auth.jwt.exception.InvalidTokenException;
 import leets.weeth.global.auth.jwt.exception.RedisTokenNotFoundException;
 import lombok.RequiredArgsConstructor;
@@ -20,34 +23,68 @@ public class JwtRedisService {
     private Long expirationTime;
 
     private static final String PREFIX = "refreshToken:";
+    private static final String TOKEN = "token";
+    private static final String ROLE = "role";
+    private static final String EMAIL = "email";
 
     private final RedisTemplate<String, String> redisTemplate;
 
-    public void set(String email, String refreshToken) {
-        String key = getKey(email);
-        redisTemplate.opsForValue().set(key, refreshToken, expirationTime, TimeUnit.MILLISECONDS);
+    public void set(long userId, String refreshToken, Role role, String email) {
+        String key = getKey(userId);
+        put(key, TOKEN, refreshToken);
+        put(key, ROLE, role.toString());
+        put(key, EMAIL, email);
+        redisTemplate.expire(key, expirationTime, TimeUnit.MINUTES);
         log.info("Refresh Token 저장/업데이트: {}", key);
     }
 
-    public void delete(String email) {
-        String key = getKey(email);
+    public void delete(Long userId) {
+        String key = getKey(userId);
         redisTemplate.delete(key);
     }
 
-    public void validateRefreshToken(String email, String requestToken) {
-        if (!find(email).equals(requestToken)) {
+    public void validateRefreshToken(long userId, String requestToken) {
+        if (!find(userId).equals(requestToken)) {
             throw new InvalidTokenException();
         }
     }
 
-    private String find(String email) {
-        String key = getKey(email);
-        return Optional.ofNullable(redisTemplate.opsForValue().get(key))
+    public String getEmail(long userId) {
+        String key = getKey(userId);
+        String roleValue = (String) redisTemplate.opsForHash().get(key, "email");
+
+        return Optional.ofNullable(roleValue)
+                .orElseThrow(EmailNotFoundException::new);
+    }
+
+    public Role getRole(long userId) {
+        String key = getKey(userId);
+        String roleValue = (String) redisTemplate.opsForHash().get(key, "role");
+
+        return Optional.ofNullable(roleValue)
+                .map(Role::valueOf)
+                .orElseThrow(RoleNotFoundException::new);
+    }
+
+    public void updateRole(long userId, String role) {
+        String key = getKey(userId);
+
+        if (Boolean.TRUE.equals(redisTemplate.hasKey(key))) {
+            redisTemplate.opsForHash().put(key, "role", role);
+        }
+    }
+
+    private String find(long userId) {
+        String key = getKey(userId);
+        return Optional.ofNullable((String) redisTemplate.opsForHash().get(key, "token"))
                 .orElseThrow(RedisTokenNotFoundException::new);
     }
 
-    private String getKey(String email){
-        return PREFIX + email;
+    private String getKey(long userId) {
+        return PREFIX + userId;
     }
 
+    private void put(String key, String hashKey, Object value) {
+        redisTemplate.opsForHash().put(key, hashKey, value);
+    }
 }

src/main/java/leets/weeth/global/auth/jwt/service/JwtService.java

@@ -21,6 +21,7 @@ public class JwtService {
 
     private static final String EMAIL_CLAIM = "email";
     private static final String ID_CLAIM = "id";
+    private static final String ROLE_CLAIM = "role";
     private static final String BEARER = "Bearer ";
     private static final String LOGIN_SUCCESS_MESSAGE = "자체 로그인 성공.";
 
@@ -70,6 +71,19 @@ public Optional<Long> extractId(String token) {
         }
     }
 
+    public Optional<String> extractRole(String token) {
+        try {
+            return Optional.ofNullable(JWT.require(Algorithm.HMAC512(key))
+                    .build()
+                    .verify(token)
+                    .getClaim(ROLE_CLAIM)
+                    .asString());
+        } catch (Exception e) {
+            log.error("액세스 토큰이 유효하지 않습니다.");
+            return Optional.empty();
+        }
+    }
+
     // header -> body로 수정
     public void sendAccessAndRefreshToken(HttpServletResponse response, String accessToken, String refreshToken) throws IOException {
         response.setStatus(HttpServletResponse.SC_OK);

src/main/java/leets/weeth/global/auth/login/handler/LoginSuccessHandler.java

@@ -30,7 +30,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
         Long userId = user.getId();
 
         // 토큰 발급 및 레디스에 저장
-        JwtDto token = jwtManageUseCase.create(userId, email);
+        JwtDto token = jwtManageUseCase.create(userId, email, user.getRole());
 
         // 바디에 담아서 보내기
         jwtManageUseCase.sendToken(token, response); // 응답 헤더에 AccessToken, RefreshToken 실어서 응답