feat: 로그아웃 체크 필터 생성

nayonsoso · nayonsoso · commit b795eb88f136 · 2025-01-15T04:30:38.000+09:00
- AS-IS: 액세스 토큰을 검증하면서 로그아웃했는지를 검증하고 있다. 이는 액세스 토큰의 검증부에 들어갈 것이 아니라, 더 이전 단계에서 처리되어야 한다.
- TO-BE: 로그아웃 토큰을 필터에서 처리한다. 이전보다 더 빠르게 예외를 응답할 수 있다.
diff --git a/src/main/java/com/example/solidconnection/auth/service/AuthService.java b/src/main/java/com/example/solidconnection/auth/service/AuthService.java
@@ -17,13 +17,14 @@
 
 import static com.example.solidconnection.config.token.TokenType.ACCESS;
 import static com.example.solidconnection.config.token.TokenType.REFRESH;
-import static com.example.solidconnection.config.token.TokenValidator.SIGN_OUT_VALUE;
 import static com.example.solidconnection.custom.exception.ErrorCode.REFRESH_TOKEN_EXPIRED;
 
 @RequiredArgsConstructor
 @Service
 public class AuthService {
 
+    public static final String SIGN_OUT_VALUE = "signOut";
+
     private final RedisTemplate<String, String> redisTemplate;
     private final TokenProvider tokenProvider;
     private final SiteUserRepository siteUserRepository;
diff --git a/src/main/java/com/example/solidconnection/config/security/SignOutCheckFilter.java b/src/main/java/com/example/solidconnection/config/security/SignOutCheckFilter.java
@@ -0,0 +1,47 @@
+package com.example.solidconnection.config.security;
+
+import com.example.solidconnection.config.token.TokenProvider;
+import com.example.solidconnection.custom.exception.CustomException;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.NonNull;
+import lombok.RequiredArgsConstructor;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+import static com.example.solidconnection.auth.service.AuthService.SIGN_OUT_VALUE;
+import static com.example.solidconnection.config.token.TokenType.REFRESH;
+import static com.example.solidconnection.custom.exception.ErrorCode.USER_ALREADY_SIGN_OUT;
+
+@Component
+@RequiredArgsConstructor
+public class SignOutCheckFilter extends OncePerRequestFilter {
+
+    private final RedisTemplate<String, String> redisTemplate;
+    private final TokenProvider tokenProvider;
+    private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
+
+    @Override
+    protected void doFilterInternal(@NonNull HttpServletRequest request,
+                                    @NonNull HttpServletResponse response,
+                                    @NonNull FilterChain filterChain) throws ServletException, IOException {
+        String token = tokenProvider.parseTokenFromRequest(request);
+        if (token == null || !isSignOut(token)) {
+            filterChain.doFilter(request, response);
+            return;
+        }
+
+        jwtAuthenticationEntryPoint.customCommence(response, new CustomException(USER_ALREADY_SIGN_OUT));
+    }
+
+    private boolean isSignOut(String accessToken) {
+        String subject = tokenProvider.parseSubject(accessToken);
+        String refreshToken = REFRESH.addPrefixToSubject(subject);
+        return SIGN_OUT_VALUE.equals(redisTemplate.opsForValue().get(refreshToken));
+    }
+}
diff --git a/src/main/java/com/example/solidconnection/config/token/TokenValidator.java b/src/main/java/com/example/solidconnection/config/token/TokenValidator.java
@@ -19,14 +19,11 @@
 import static com.example.solidconnection.custom.exception.ErrorCode.EMPTY_TOKEN;
 import static com.example.solidconnection.custom.exception.ErrorCode.INVALID_SERVICE_PUBLISHED_KAKAO_TOKEN;
 import static com.example.solidconnection.custom.exception.ErrorCode.REFRESH_TOKEN_EXPIRED;
-import static com.example.solidconnection.custom.exception.ErrorCode.USER_ALREADY_SIGN_OUT;
 
 @Component
 @RequiredArgsConstructor
 public class TokenValidator {
 
-    public static final String SIGN_OUT_VALUE = "signOut";
-
     private final RedisTemplate<String, String> redisTemplate;
 
     @Value("${jwt.secret}")
@@ -35,7 +32,6 @@ public class TokenValidator {
     public void validateAccessToken(String token) {
         validateTokenNotEmpty(token);
         validateTokenNotExpired(token, ACCESS);
-        validateNotSignOut(token);
         validateRefreshToken(token);
     }
 
@@ -64,13 +60,6 @@ private void validateTokenNotExpired(String token, TokenType tokenType) {
         }
     }
 
-    private void validateNotSignOut(String token) {
-        String email = getClaim(token).getSubject();
-        if (SIGN_OUT_VALUE.equals(redisTemplate.opsForValue().get(REFRESH.addPrefixToSubject(email)))) {
-            throw new CustomException(USER_ALREADY_SIGN_OUT);
-        }
-    }
-
     private void validateRefreshToken(String token) {
         String email = getClaim(token).getSubject();
         if (redisTemplate.opsForValue().get(REFRESH.addPrefixToSubject(email)) == null) {
