[refactor} : 블랙리스트 검증 로직 리팩토링

dnd-side-project · dudxo · Nov 4, 2024 · Sep 24, 2024 · Sep 24, 2024 · Sep 24, 2024
commit 75c67f654153fd956040ff58390f6c71a68c2de6
diff --git a/src/main/java/com/dnd/gongmuin/security/jwt/util/TokenAuthenticationFilter.java b/src/main/java/com/dnd/gongmuin/security/jwt/util/TokenAuthenticationFilter.java
@@ -33,7 +33,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
 		if (tokenProvider.validateToken(accessToken, new Date())) {
 			// accessToken logout 여부 확인
-			if (tokenProvider.verifyLogout(accessToken)) {
+			if (tokenProvider.verifyBlackList(accessToken)) {
 				saveAuthentication(accessToken);
 			}
 		}

diff --git a/src/main/java/com/dnd/gongmuin/security/jwt/util/TokenProvider.java b/src/main/java/com/dnd/gongmuin/security/jwt/util/TokenProvider.java
@@ -1,10 +1,10 @@
 package com.dnd.gongmuin.security.jwt.util;
 
 import java.time.Duration;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.Date;
 import java.util.List;
-import java.util.Objects;
 import java.util.stream.Collectors;
 
 import javax.crypto.SecretKey;
@@ -40,6 +40,7 @@
 public class TokenProvider {
 
 	private static final String ROLE_KEY = "ROLE";
+	private static final String[] BLACKLIST = new String[] {"false", "delete"};
 	private static final long ACCESS_TOKEN_EXPIRE_TIME = 1000 * 60 * 90L;
 	private static final long REFRESH_TOKEN_EXPIRE_TIME = 1000 * 60 * 60 * 24L;
 	private final MemberRepository memberRepository;
@@ -136,9 +137,9 @@ public Long getExpiration(String token, Date date) {
 		return (expiration.getTime() - date.getTime());
 	}
 
-	public boolean verifyLogout(String accessToken) {
+	public boolean verifyBlackList(String accessToken) {
 		String value = redisUtil.getValues(accessToken);
-		return Objects.equals("false", value);
+		return Arrays.asList(BLACKLIST).contains(value);
 	}
 
 }