notkshitij/SkycrateBackend
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
2379d9575951b746d42ae3df20b7b0836ddb2aca
SkycrateBackend/src/main/java/com/skycrate/backend/skycrateBackend/services/RefreshTokenService.java
T
notkshitij 2379d95759 Add refresh token support with /api/auth/refresh endpoint 
- RefreshToken entity added with 1-token-per-user logic.
- JWT can be renewed without full login using refresh token.
2025-07-03 03:15:31 +05:30

42 lines
1.4 KiB
Java
Raw Blame History

package com.skycrate.backend.skycrateBackend.services;
import com.skycrate.backend.skycrateBackend.entity.RefreshToken;
import com.skycrate.backend.skycrateBackend.entity.User;
import com.skycrate.backend.skycrateBackend.repository.RefreshTokenRepository;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import java.time.Instant;
import java.util.Optional;
import java.util.UUID;
@Service
public class RefreshTokenService {
private final RefreshTokenRepository refreshTokenRepo;
@Value("${security.jwt.refresh-expiry-ms:604800000}") // 7 days default
private Long refreshTokenDurationMs;
public RefreshTokenService(RefreshTokenRepository refreshTokenRepo) {
this.refreshTokenRepo = refreshTokenRepo;
}
public RefreshToken createRefreshToken(User user) {
refreshTokenRepo.deleteByUser(user); // Allow only 1 active token per user
RefreshToken token = new RefreshToken();
token.setUser(user);
token.setExpiryDate(Instant.now().plusMillis(refreshTokenDurationMs));
token.setToken(UUID.randomUUID().toString());
return refreshTokenRepo.save(token);
}
public Optional<RefreshToken> findByToken(String token) {
return refreshTokenRepo.findByToken(token);
}
public boolean isExpired(RefreshToken token) {
return token.getExpiryDate().isBefore(Instant.now());
}
}
Reference in New Issue View Git Blame Copy Permalink