feat(usr): jwtutil signRefresh REQ-USR-004

zichun
1 parent 967f69fc
Showing 2 changed files with 20 additions and 2 deletions
backend/src/main/java/com/xly/erp/common/security/JwtUtil.java
backend/src/test/java/com/xly/erp/common/security/JwtUtilTest.java
@@ -16,7 +16,8 @@ import java.util.Date;
 @Component
 public class JwtUtil {
-    private static final Duration TTL = Duration.ofHours(8);
+    public static final Duration ACCESS_TTL = Duration.ofHours(8);
+    public static final Duration REFRESH_TTL = Duration.ofDays(30);
     private final SecretKey key;
@@ -30,11 +31,19 @@ public class JwtUtil {
     }
     public String sign(String userNo) {
+        return sign(userNo, ACCESS_TTL);
+    }
+
+    public String signRefresh(String userNo) {
+        return sign(userNo, REFRESH_TTL);
+    }
+
+    public String sign(String userNo, Duration ttl) {
         Date now = new Date();
         return Jwts.builder()
                 .subject(userNo)
                 .issuedAt(now)
-                .expiration(new Date(now.getTime() + TTL.toMillis()))
+                .expiration(new Date(now.getTime() + ttl.toMillis()))
                 .signWith(key)
                 .compact();
     }
@@ -34,4 +34,13 @@ class JwtUtilTest {
                 .isInstanceOf(BizException.class)
                 .hasFieldOrPropertyWithValue("code", 20001);
     }
+
+    @Test
+    void signRefresh_signsValidLongerLivedToken() {
+        String accessToken = jwtUtil.sign("U1");
+        String refreshToken = jwtUtil.signRefresh("U1");
+        assertThat(jwtUtil.parse(accessToken)).isEqualTo("U1");
+        assertThat(jwtUtil.parse(refreshToken)).isEqualTo("U1");
+        assertThat(refreshToken).isNotEqualTo(accessToken);
+    }
 }