feat(be) #641: refresh 토큰이 만료되면 자동 로그아웃이 되도록 클라이언트에게 알려주는 기능 추가

be/src/main/java/com/foodymoody/be/auth/application/usecase/TokenReissueUseCase.java

@@ -5,6 +5,7 @@
 import com.foodymoody.be.auth.application.service.TokenService;
 import com.foodymoody.be.auth.domain.RefreshTokenStorage;
 import com.foodymoody.be.auth.infra.util.JwtUtil;
+import com.foodymoody.be.common.exception.ExpiredTokenException;
 import com.foodymoody.be.common.exception.InvalidTokenException;
 import com.foodymoody.be.common.util.ids.IdFactory;
 import com.foodymoody.be.member.application.service.MemberReadService;
@@ -26,10 +27,17 @@ public class TokenReissueUseCase {
     public TokenIssueResponse reIssueToken(TokenIssueRequest request) {
         String refreshToken = request.getRefreshToken();
         String memberId = jwtUtil.parseRefreshToken(refreshToken);
-        validateRefreshToken(refreshToken, memberId);
-        Member member = memberReadService.findById(IdFactory.createMemberId(memberId));
-        Date now = new Date();
-        return tokenService.issue(now, member);
+        try {
+            validateRefreshToken(refreshToken, memberId);
+            Member member = memberReadService.findById(IdFactory.createMemberId(memberId));
+            Date now = new Date();
+            return tokenService.issue(now, member);
+        } catch (ExpiredTokenException e) {
+            // 자동 로그아웃 처리 (refreshToken 삭제)
+            refreshTokenStorage.deleteByMemberId(memberId);
+            // 클라이언트에게 자동 로그아웃 알림
+            throw new ExpiredTokenException();
+        }
     }
 
     private void validateRefreshToken(String refreshToken, String memberId) {

be/src/main/java/com/foodymoody/be/auth/domain/RefreshTokenStorage.java

@@ -12,4 +12,6 @@ public interface RefreshTokenStorage {
 
     boolean isBlacklist(String token);
 
+    void deleteByMemberId(String memberId);
+
 }

be/src/main/java/com/foodymoody/be/auth/infra/persistence/refreshTokenStorage.java

@@ -33,4 +33,9 @@ public boolean isBlacklist(String token) {
         return blacklist.containsKey(token);
     }
 
+    @Override
+    public void deleteByMemberId(String memberId) {
+        refreshTokens.remove(memberId);
+    }
+
 }

be/src/main/java/com/foodymoody/be/auth/infra/util/JwtUtil.java

@@ -1,6 +1,7 @@
 package com.foodymoody.be.auth.infra.util;
 
 import com.foodymoody.be.common.exception.ClaimNotFoundException;
+import com.foodymoody.be.common.exception.ExpiredTokenException;
 import com.foodymoody.be.common.exception.InvalidTokenException;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.IncorrectClaimException;
@@ -101,6 +102,8 @@ private Claims extractClaims(String token) {
             return parser.parseClaimsJws(token).getBody();
         } catch (JwtException e) {
             throw new InvalidTokenException();
+        } catch (ExpiredTokenException e) {
+            throw new ExpiredTokenException(); // 자동 로그아웃을 위한 별도 예외
         }
     }
 

be/src/main/java/com/foodymoody/be/common/exception/ErrorMessage.java

@@ -42,6 +42,7 @@ public enum ErrorMessage {
     MEMBER_INCORRECT_PASSWORD("사용자 정보와 비밀번호가 일치하지 않습니다", "a005"),
     UNSUPPORTED_OAUTH_PROVIDER("지원되지 않는 OAuth입니다.", "a006"),
     INVALID_OAUTH_RESPONSE("OAuth 클라이언트로부터의 응답이 유효하지 않습니다", "a007"),
+    EXPIRED_TOKEN("세션이 만료되었습니다. 다시 로그인해 주세요.", "a008"),
     // mood
     DUPLICATE_MOOD("이미 존재하는 무드입니다", "o001"),
     MOOD_NOT_FOUND("존재하지 않는 무드입니다", "o002"),

be/src/main/java/com/foodymoody/be/common/exception/ExpiredTokenException.java

@@ -0,0 +1,9 @@
+package com.foodymoody.be.common.exception;
+
+public class ExpiredTokenException extends BusinessException {
+
+    public ExpiredTokenException() {
+        super(ErrorMessage.EXPIRED_TOKEN);
+    }
+
+}