diff --git a/BE/src/login/login.controller.ts b/BE/src/login/login.controller.ts
index 069a830..953c5d9 100644
--- a/BE/src/login/login.controller.ts
+++ b/BE/src/login/login.controller.ts
@@ -30,7 +30,7 @@ export class LoginController {
 async refreshToken(@Body('refresh_token') refreshToken) {
 try {
 const payload = this.loginService.validateToken(refreshToken, 'refresh');
- return await this.loginService.refreshToken(payload);
+ return await this.loginService.refreshToken(refreshToken, payload);
 } catch (e) {
 throw new HttpException('refresh token이 유효하지 않음', 403);
 }
diff --git a/BE/src/login/login.service.ts b/BE/src/login/login.service.ts
index f7dfbfa..892ea2f 100644
--- a/BE/src/login/login.service.ts
+++ b/BE/src/login/login.service.ts
@@ -1,4 +1,4 @@
-import { Inject, Injectable, Logger } from '@nestjs/common';
+import { HttpException, Inject, Injectable, Logger } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import { InjectRepository } from '@nestjs/typeorm';
 import { UserEntity } from '../entities/user.entity';
@@ -44,6 +44,11 @@ export class LoginService {
 }
 const accessToken = this.generateAccessToken(user);
 const refreshToken = this.generateRefreshToken(user);
+ await this.cacheManager.set(
+ user.user_hash,
+ refreshToken,
+ this.configService.get('JWT_REFRESH_EXPIRES_IN'),
+ );
 return { access_token: accessToken, refresh_token: refreshToken };
 }
@@ -53,6 +58,7 @@ export class LoginService {
 await this.fcmHandler.removeRegistrationToken(decodedToken.userId);
 const ttl: number = decodedToken.exp - Math.floor(Date.now() / 1000);
 await this.cacheManager.set(accessToken, 'logout', { ttl });
+ await this.cacheManager.del(decodedToken.userId);
 }
 }
 async registerUser(socialProperties: SocialProperties) {
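Review bot: In the `@@ -44,6 +44,11 @@` hunk of login.service.ts, the third argument to `cacheManager.set` is the raw value of `JWT_REFRESH_EXPIRES_IN`, while the logout path in the next hunk passes `{ ttl }` computed in seconds; if that setting is a JWT-style duration string (its format is not visible here), the cache entry will not get a TTL that matches the token's lifetime. I would convert the setting to a number explicitly and use the same options form, e.g. `{ ttl: refreshTtlSeconds }`, after confirming the unit the installed cache-manager version expects. The identical call is repeated in `refreshToken()` and `loginAdmin()` further down, so one private helper would keep the three in step. Storing a SHA-256 digest of the refresh token instead of the token itself would also mean that a dump of the cache does not yield usable tokens.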
@@ -166,13 +172,23 @@ export class LoginService {
 });
 }
- async refreshToken(payload): Promise {
+ async refreshToken(refreshtoken, payload): Promise {
 const user = await this.userRepository.findOne({
 where: { user_hash: payload.userId },
 });
- const accessToken = this.generateAccessToken(user);
- const refreshToken = this.generateRefreshToken(user);
- return { access_token: accessToken, refresh_token: refreshToken };
+
+ if ((await this.cacheManager.get(user.user_hash)) === refreshtoken) {
+ const accessToken = this.generateAccessToken(user);
+ const refreshToken = this.generateRefreshToken(user);
+ await this.cacheManager.set(
+ user.user_hash,
+ refreshToken,
+ this.configService.get('JWT_REFRESH_EXPIRES_IN'),
+ );
+ return { access_token: accessToken, refresh_token: refreshToken };
+ } else {
+ throw new HttpException('refresh token이 유효하지 않음', 403);
+ }
 }
 async loginAdmin(id) {
@@ -181,6 +197,11 @@ export class LoginService {
 });
 const accessToken = this.generateAccessToken(user);
 const refreshToken = this.generateRefreshToken(user);
+ await this.cacheManager.set(
+ user.user_hash,
+ refreshToken,
+ this.configService.get('JWT_REFRESH_EXPIRES_IN'),
+ );
 return { access_token: accessToken, refresh_token: refreshToken };
 }
 }
diff --git a/BE/src/users/users.controller.ts b/BE/src/users/users.controller.ts
index cd1f97c..ef5f4ae 100644
--- a/BE/src/users/users.controller.ts
+++ b/BE/src/users/users.controller.ts
@@ -13,6 +13,8 @@ import {
 Body,
 ParseFilePipe,
 MaxFileSizeValidator,
+ Header,
+ Headers,
 } from '@nestjs/common';
 import { UsersService } from './users.service';
 import { CreateUserDto } from './createUser.dto';
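Review bot: In `refreshToken()` (login.service.ts), `user` is dereferenced as `user.user_hash` before any null check, so a token whose `userId` no longer matches a row raises a TypeError rather than the intended 403; it only ends up as a 403 because the controller's `catch` converts every error. The `else` branch is a second gap: a token that passed signature validation but is not the stored one is what a replayed, already-rotated token looks like, and the stored entry should be dropped so that session has to log in again. The read-then-write on the cache is also not atomic, so two concurrent requests carrying the same token can each be issued a new pair; that deserves a comment if it is accepted. The sketch below covers the first two points.

```typescript
// … unchanged: userRepository.findOne lookup …
if (!user) {
  throw new HttpException('refresh token이 유효하지 않음', 403);
}
const stored = await this.cacheManager.get(user.user_hash);
if (stored !== refreshtoken) {
  // A validly signed but non-current token suggests replay of a rotated token:
  // revoke the stored one so the session must re-authenticate.
  await this.cacheManager.del(user.user_hash);
  throw new HttpException('refresh token이 유효하지 않음', 403);
}
// … unchanged: generate the new pair, store the new refresh token, return …
```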
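Review bot: `Header` is added to the `@nestjs/common` import in users.controller.ts, but the only new use in the visible hunks is the `@Headers('authorization')` parameter decorator. If nothing else in the file uses `Header`, keep only `Headers,` so the import list reflects what the controller depends on. The rest of the file is outside the hunk, so check before removing.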
@@ -58,8 +60,12 @@ export class UsersController {
 }
 @Delete(':id')
- async usersRemove(@Param('id') id: string, @UserHash() userId) {
- await this.usersService.removeUser(id, userId);
+ async usersRemove(
+ @Param('id') id: string,
+ @UserHash() userId: string,
+ @Headers('authorization') token: string,
+ ) {
+ await this.usersService.removeUser(id, userId, token);
 }
 @Patch(':id')
diff --git a/BE/src/users/users.module.ts b/BE/src/users/users.module.ts
index 7bc183a..f495c64 100644
--- a/BE/src/users/users.module.ts
+++ b/BE/src/users/users.module.ts
@@ -10,6 +10,7 @@ import { BlockUserEntity } from '../entities/blockUser.entity';
 import { BlockPostEntity } from '../entities/blockPost.entity';
 import { AuthGuard } from 'src/utils/auth.guard';
 import { RegistrationTokenEntity } from '../entities/registrationToken.entity';
+import { FcmHandler } from 'src/utils/fcmHandler';
 @Module({
 imports: [
@@ -23,6 +24,6 @@ import { RegistrationTokenEntity } from '../entities/registrationToken.entity';
 ]),
 ],
 controllers: [UsersController],
- providers: [UsersService, S3Handler, AuthGuard],
+ providers: [UsersService, S3Handler, AuthGuard, FcmHandler],
 })
 export class UsersModule {}
diff --git a/BE/src/users/users.service.ts b/BE/src/users/users.service.ts
index 7a0c958..0e107c2 100644
--- a/BE/src/users/users.service.ts
+++ b/BE/src/users/users.service.ts
@@ -1,4 +1,4 @@
-import { HttpException, Injectable } from '@nestjs/common';
+import { HttpException, Inject, Injectable } from '@nestjs/common';
 import { CreateUserDto } from './createUser.dto';
 import { InjectRepository } from '@nestjs/typeorm';
 import { UserEntity } from 'src/entities/user.entity';
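Review bot: In `usersRemove()`, `@Headers('authorization') token` hands the service the whole header value, which for the usual `Bearer <jwt>` form still carries the scheme prefix. `removeUser()` then passes it to `jwt.decode(accessToken)`, which should return null for a prefixed string, so the revocation block would be skipped without any error; if it did run, the blacklist key would be the prefixed string rather than the bare token. How the guard and the logout route extract the token is not visible here, so this needs checking against them. If they strip the prefix, do the same before the call, e.g. `token.replace(/^Bearer\s+/i, '')`, or pass along the token the guard already verified.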
@@ -12,10 +12,14 @@ import { BlockUserEntity } from '../entities/blockUser.entity'; import { BlockPostEntity } from '../entities/blockPost.entity'; import { RegistrationTokenEntity } from '../entities/registrationToken.entity'; import { ConfigService } from '@nestjs/config'; +import * as jwt from 'jsonwebtoken'; +import { FcmHandler } from 'src/utils/fcmHandler'; +import { CACHE_MANAGER, CacheStore } from '@nestjs/cache-manager'; @Injectable() export class UsersService { constructor( + @Inject(CACHE_MANAGER) private cacheManager: CacheStore, @InjectRepository(PostEntity) private postRepository: Repository, @InjectRepository(UserEntity) @@ -30,6 +34,7 @@ export class UsersService { private registrationTokenRepository: Repository, private s3Handler: S3Handler, private configService: ConfigService, + private fcmHandler: FcmHandler, ) {} async createUser(imageLocation: string, createUserDto: CreateUserDto) { @@ -57,8 +62,15 @@ export class UsersService { } } - async removeUser(id: string, userId) { + async removeUser(id: string, userId: string, accessToken: string) { const userPk = await this.checkAuth(id, userId); + const decodedToken: any = jwt.decode(accessToken); + if (decodedToken && decodedToken.exp) { + await this.fcmHandler.removeRegistrationToken(decodedToken.userId); + const ttl: number = decodedToken.exp - Math.floor(Date.now() / 1000); + await this.cacheManager.set(accessToken, 'logout', { ttl }); + } + await this.deleteCascadingUser(userPk, userId); return true; }
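Review bot: `removeUser()` in users.service.ts blacklists the access token but leaves the user's refresh-token entry in the cache, unlike `logout()` in login.service.ts, which this commit extends with `cacheManager.del(decodedToken.userId)`; adding `await this.cacheManager.del(userId);` keeps a deleted account from leaving a stored refresh token behind. The block also takes `decodedToken.userId` from `jwt.decode`, which does not verify the signature, so the `userId` argument (from `@UserHash()`, presumably set by the auth guard) is the safer value to pass to `removeRegistrationToken`. Because everything sits behind `if (decodedToken && decodedToken.exp)`, a token that fails to decode skips revocation silently, and a log line on that path would make the miss visible. The logic duplicates `logout()`, so a shared helper would stop the two copies from drifting.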