feat: Reflect review

app/api/common-api/src/main/java/org/example/filter/JWTFilter.java

@@ -8,12 +8,10 @@
 import java.io.IOException;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
-import org.example.exception.BusinessException;
 import org.example.repository.TokenRepository;
 import org.example.security.dto.AuthenticatedUser;
 import org.example.security.dto.TokenParam;
 import org.example.security.dto.UserParam;
-import org.example.security.error.TokenError;
 import org.example.security.token.JWTHandler;
 import org.example.security.token.TokenProcessor;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -52,16 +50,10 @@ protected void doFilterInternal(
     private void handleAccessToken(HttpServletRequest request) {
         String accessToken = jwtHandler.extractAccessToken(request);
         UserParam userParam = jwtHandler.extractUserFrom(accessToken);
-        verifyAccessTokenBlacklist(userParam, accessToken);
+        tokenProcessor.verifyAccessTokenBlacklist(userParam, accessToken);
         saveOnSecurityContextHolder(userParam);
     }
 
-    private void verifyAccessTokenBlacklist(UserParam userParam, String accessKey) {
-        if (tokenRepository.existAccessToken(userParam.userId(), accessKey)) {
-            throw new BusinessException(TokenError.BLACKLIST_ACCESS_TOKEN);
-        }
-    }
-
     private void saveOnSecurityContextHolder(UserParam userParam) {
         AuthenticatedUser authenticatedUser = AuthenticatedUser.builder()
             .userId(userParam.userId())

app/api/common-api/src/main/java/org/example/repository/TokenRepository.java

@@ -9,11 +9,11 @@ public interface TokenRepository {
 
     void saveBlacklistAccessToken(UUID userId, String accessToken);
 
-    void saveRefreshToken(String userId, String refreshToken);
+    void saveRefreshToken(UUID userId, String refreshToken);
 
     Optional<String> getExistRefreshToken(String userId);
 
-    boolean existAccessToken(UUID userId, String accessToken);
+    boolean existAccessTokenInBlacklist(UUID userId, String accessToken);
 
-    void delete(UUID userId);
+    void deleteRefreshToken(UUID userId);
 }

app/api/common-api/src/main/java/org/example/security/token/JWTGenerator.java

@@ -22,7 +22,7 @@ public TokenParam generate(UserParam userParam, Date from) {
             .refreshToken(createRefreshToken(userParam, from))
             .build();
 
-        tokenRepository.saveRefreshToken(userParam.userId().toString(), tokenParam.refreshToken());
+        tokenRepository.saveRefreshToken(userParam.userId(), tokenParam.refreshToken());
         return tokenParam;
     }
 

app/api/common-api/src/main/java/org/example/security/token/TokenProcessor.java

@@ -5,7 +5,6 @@
 import java.util.UUID;
 import lombok.RequiredArgsConstructor;
 import org.example.exception.BusinessException;
-import org.example.property.TokenProperty;
 import org.example.repository.TokenRepository;
 import org.example.security.dto.TokenParam;
 import org.example.security.dto.UserParam;
@@ -16,7 +15,6 @@
 @RequiredArgsConstructor
 public class TokenProcessor {
 
-    private final TokenProperty tokenProperty;
     private final JWTHandler jwtHandler;
     private final JWTGenerator jwtGenerator;
     private final TokenRepository tokenRepository;
@@ -33,12 +31,18 @@ public TokenParam reissueToken(HttpServletRequest request) {
         return jwtGenerator.generate(userParam, new Date());
     }
 
+    public void verifyAccessTokenBlacklist(UserParam userParam, String accessKey) {
+        if (tokenRepository.existAccessTokenInBlacklist(userParam.userId(), accessKey)) {
+            throw new BusinessException(TokenError.BLACKLIST_ACCESS_TOKEN);
+        }
+    }
+
     public void makeAccessTokenBlacklistAndDeleteRefreshToken(
         String accessToken,
         UUID userId
     ) {
         tokenRepository.saveBlacklistAccessToken(userId, accessToken);
-        tokenRepository.delete(userId);
+        tokenRepository.deleteRefreshToken(userId);
     }
 
     private String getExistRefreshToken(UserParam userParam) {

app/api/user-api/src/main/java/org/example/service/UserService.java

@@ -23,7 +23,7 @@ public class UserService {
     private final JWTGenerator jwtGenerator;
     private final TokenProcessor tokenProcessor;
 
-    public TokenParam login(final LoginServiceRequest loginServiceRequest) {
+    public TokenParam login(LoginServiceRequest loginServiceRequest) {
         User user = getUser(loginServiceRequest);
         var userParam = UserParam.from(user);
 

app/infrastructure/redis/src/main/java/org/example/repository/LettuceRedisRepository.java

@@ -16,13 +16,13 @@ public class LettuceRedisRepository implements TokenRepository {
     @Override
     public void saveBlacklistAccessToken(UUID userId, String accessToken) {
         stringRedisTemplate.opsForValue()
-            .set("AT:" + accessToken, userId.toString(), 14, TimeUnit.DAYS);
+            .set("AT:" + userId.toString(), accessToken, 1, TimeUnit.HOURS);
     }
 
     @Override
-    public void saveRefreshToken(String userId, String refreshToken) {
+    public void saveRefreshToken(UUID userId, String refreshToken) {
         stringRedisTemplate.opsForValue()
-            .set("RT:" + userId, refreshToken, 14, TimeUnit.DAYS);
+            .set("RT:" + userId.toString(), refreshToken, 14, TimeUnit.DAYS);
     }
 
     @Override
@@ -31,17 +31,17 @@ public Optional<String> getExistRefreshToken(String userId) {
     }
 
     @Override
-    public boolean existAccessToken(UUID userId, String accessToken) {
-        String existAccessKey = stringRedisTemplate.opsForValue().get("AT:" + accessToken);
+    public boolean existAccessTokenInBlacklist(UUID userId, String accessToken) {
+        String existAccessKey = stringRedisTemplate.opsForValue().get("AT:" + userId);
         if (existAccessKey == null) {
             return false;
         }
 
-        return existAccessKey.equals(userId.toString());
+        return existAccessKey.equals(accessToken);
     }
 
     @Override
-    public void delete(UUID userId) {
+    public void deleteRefreshToken(UUID userId) {
         stringRedisTemplate.delete("RT:" + userId);
     }
 }