AuthService.java
3.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
package com.ecommerce.user.service;
import com.ecommerce.user.model.*;
import com.ecommerce.user.repository.UserRepository;
import lombok.RequiredArgsConstructor;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.time.LocalDateTime;
@Service
@RequiredArgsConstructor
public class AuthService {
private final UserRepository userRepository;
private final PasswordEncoder passwordEncoder;
private final JwtService jwtService;
private final RedisService redisService;
@Transactional
public AuthResponse register(RegisterRequest request) {
// 检查用户是否已存在
if (userRepository.findByEmail(request.getEmail()).isPresent()) {
throw new RuntimeException("Email already exists");
}
if (userRepository.findByUsername(request.getUsername()).isPresent()) {
throw new RuntimeException("Username already exists");
}
// 创建新用户
User user = new User();
user.setUsername(request.getUsername());
user.setEmail(request.getEmail());
user.setPasswordHash(passwordEncoder.encode(request.getPassword()));
user.setFirstName(request.getFirstName());
user.setLastName(request.getLastName());
user.setPhone(request.getPhone());
User savedUser = userRepository.save(user);
// 生成 JWT token
String accessToken = jwtService.generateAccessToken(savedUser);
String refreshToken = jwtService.generateRefreshToken(savedUser);
return AuthResponse.builder()
.accessToken(accessToken)
.refreshToken(refreshToken)
.userId(savedUser.getId())
.username(savedUser.getUsername())
.email(savedUser.getEmail())
.build();
}
public AuthResponse login(LoginRequest request) {
User user = userRepository.findByEmail(request.getEmail())
.orElseThrow(() -> new RuntimeException("User not found"));
if (!passwordEncoder.matches(request.getPassword(), user.getPasswordHash())) {
throw new RuntimeException("Invalid password");
}
// 更新最后登录时间
user.setLastLoginAt(LocalDateTime.now());
userRepository.save(user);
String accessToken = jwtService.generateAccessToken(user);
String refreshToken = jwtService.generateRefreshToken(user);
return AuthResponse.builder()
.accessToken(accessToken)
.refreshToken(refreshToken)
.userId(user.getId())
.username(user.getUsername())
.email(user.getEmail())
.build();
}
public AuthResponse refreshToken(String refreshToken) {
String token = refreshToken.replace("Bearer ", "");
String username = jwtService.extractUsername(token);
User user = userRepository.findByUsername(username)
.orElseThrow(() -> new RuntimeException("User not found"));
if (!jwtService.validateToken(token, user)) {
throw new RuntimeException("Invalid refresh token");
}
String newAccessToken = jwtService.generateAccessToken(user);
String newRefreshToken = jwtService.generateRefreshToken(user);
return AuthResponse.builder()
.accessToken(newAccessToken)
.refreshToken(newRefreshToken)
.userId(user.getId())
.username(user.getUsername())
.email(user.getEmail())
.build();
}
public void logout(String token) {
String accessToken = token.replace("Bearer ", "");
long expiration = jwtService.getExpirationFromToken(accessToken);
redisService.blacklistToken(accessToken, expiration);
}
}