* chore(config): enable OpenFeign * chore(config): OpenFeign 설정 변경 * chore(build): jwt 의존성 추가 * chore(yml): jwt 설정 추가 * feat(auth): 구글 auth feign 추가 * feat(auth): 구글 auth로 로그인 구현 * feat(auth): 토큰 발급 * feat(user): 유저 추가 혹은 업데이트 구현 * feat(auth): jwt credential 추가 * feat(user): email 추가 * feat(auth): exception들 추가 * feat(user): Role 제거 * feat(auth): dto 추가 * feat(user): Role 추가 * feat(profile): getCurrentUser 추가 * feat(comment): getCurrentUser 추가 * feat(like): getCurrentUser 추가 * feat(auth): 현재 사용자를 저장하는 authRepository 구현 * feat(auth): 인터셉터 구현
Showing
13 changed files
with
220 additions
and
47 deletions.
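--- a/src/main/java/com/sickgyun/server/auth/annotation/AdminOnly.java
+++ b/src/main/java/com/sickgyun/server/auth/annotation/AdminOnly.java
@@ -0,0 +1,12 @@
+package com.sickgyun.server.auth.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@LoginRequired
+public @interface AdminOnly {
+}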
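Review bot: `AdminOnly` has no Javadoc, and its behaviour depends on two things the declaration does not show. The `@LoginRequired` meta-annotation is what makes the interceptor authenticate the caller first, and the role check itself lives in `AuthInterceptor.preHandle`. I would add a short Javadoc such as `/** Restricts a handler method to users with Role.ADMIN; implies @LoginRequired and is enforced by AuthInterceptor. */`. Because `@Target` is `ElementType.METHOD` only, it is also worth stating that the annotation cannot be placed on a controller class.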
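--- a/src/main/java/com/sickgyun/server/auth/annotation/LoginRequired.java
+++ b/src/main/java/com/sickgyun/server/auth/annotation/LoginRequired.java
@@ -0,0 +1,11 @@
+package com.sickgyun.server.auth.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target({ElementType.METHOD, ElementType.ANNOTATION_TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface LoginRequired {
+}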
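Review bot: Authentication is opt-in per handler method with this annotation, so an endpoint added without `@LoginRequired` is reachable anonymously, and the declaration should say so. Proposed Javadoc: `/** Marks a handler method that requires a valid Bearer JWT; methods without it are not authenticated by AuthInterceptor. */`. A test that walks the registered controller mappings and lists the un-annotated ones would make an accidental omission visible in review.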
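--- a/src/main/java/com/sickgyun/server/auth/interceptor/AuthInterceptor.java
+++ b/src/main/java/com/sickgyun/server/auth/interceptor/AuthInterceptor.java
@@ -0,0 +1,54 @@
+package com.sickgyun.server.auth.interceptor;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import com.sickgyun.server.auth.annotation.AdminOnly;
+import com.sickgyun.server.auth.annotation.LoginRequired;
+import com.sickgyun.server.auth.exception.UserIsNotAdminException;
+import com.sickgyun.server.auth.repository.AuthRepository;
+import com.sickgyun.server.auth.util.BearerTokenExtractor;
+import com.sickgyun.server.auth.util.JwtParser;
+import com.sickgyun.server.user.domain.User;
+import com.sickgyun.server.user.domain.repository.UserRepository;
+import com.sickgyun.server.user.domain.role.Role;
+import com.sickgyun.server.user.exception.UserNotFoundException;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+
+@Configuration
+@RequiredArgsConstructor
+public class AuthInterceptor implements HandlerInterceptor {
+private final JwtParser jwtParser;
+private final AuthRepository authRepository;
+private final UserRepository userRepository;
+
+@Override
+public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
+if (handler instanceof HandlerMethod hm) {
+if (hm.hasMethodAnnotation(LoginRequired.class)) {
+String jwt = BearerTokenExtractor.extract(request);
+Long userId = jwtParser.getIdFromJwt(jwt);
+
+User user = userRepository.findById(userId)
+.orElseThrow(() -> new UserNotFoundException(userId));
+
+authRepository.updateCurrentUser(user);
+}
+if (hm.hasMethodAnnotation(AdminOnly.class)) {
+User currentUser = authRepository.getCurrentUser();
+shouldUserAdmin(currentUser);
+}
+}
+return true;
+}
+
+private static void shouldUserAdmin(User currentUser) {
+if (currentUser.getRole() != Role.ADMIN) {
+throw new UserIsNotAdminException();
+}
+}
+}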
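Review bot: The admin check at `shouldUserAdmin(currentUser)` reads the user back from `authRepository` instead of using the `user` that was just loaded from this request's token. `AuthRepository` in this commit is a `@Repository` bean with a plain field, so another request can replace that value between `updateCurrentUser(user)` and `getCurrentUser()`, and the role being checked may then belong to a different caller. Moving the check into the `LoginRequired` branch and calling `shouldUserAdmin(user)` keeps the decision tied to the validated token. Nothing resets the stored user when a request finishes either, so a handler without `@LoginRequired` that calls `getCurrentUser()` would see whoever authenticated last.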
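--- a/src/main/java/com/sickgyun/server/auth/repository/AuthRepository.java
+++ b/src/main/java/com/sickgyun/server/auth/repository/AuthRepository.java
@@ -0,0 +1,22 @@
+package com.sickgyun.server.auth.repository;
+
+import org.springframework.stereotype.Repository;
+
+import com.sickgyun.server.auth.exception.UserNotLoginException;
+import com.sickgyun.server.user.domain.User;
+
+@Repository
+public class AuthRepository {
+private User currentUser;
+
+public User getCurrentUser() {
+if (currentUser == null) {
+throw new UserNotLoginException();
+}
+return currentUser;
+}
+
+public void updateCurrentUser(User currentUser) {
+this.currentUser = currentUser;
+}
+}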
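Review bot: `currentUser` is an instance field on a `@Repository` bean, which Spring creates once by default, so all concurrent requests share one slot and `getCurrentUser()` can return a user set by a different request. The state has to be per request: annotating the class with `@RequestScope` (from `org.springframework.web.context.annotation`) gives each request its own instance, while the interceptor and services keep injecting it through the scoped proxy. Storing the user as a request attribute in the interceptor would work as well. The `null` check in `getCurrentUser()` then behaves as intended, because a fresh instance starts without a user.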
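--- a/src/main/java/com/sickgyun/server/auth/util/BearerTokenExtractor.java
+++ b/src/main/java/com/sickgyun/server/auth/util/BearerTokenExtractor.java
@@ -0,0 +1,33 @@
+package com.sickgyun.server.auth.util;
+
+import static org.springframework.http.HttpHeaders.*;
+
+import com.sickgyun.server.auth.exception.TokenInvalidException;
+import com.sickgyun.server.auth.exception.TokenMissingException;
+
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+public class BearerTokenExtractor {
+
+private static final String BEARER_TYPE = "Bearer ";
+private static final String BEARER_JWT_REGEX = "^Bearer [A-Za-z0-9-_=]+\\.[A-Za-z0-9-_=]+\\.?[A-Za-z0-9-_.+/=]*$";
+
+public static String extract(HttpServletRequest request) {
+String authorization = request.getHeader(AUTHORIZATION);
+validate(authorization);
+return authorization.replace(BEARER_TYPE, "").trim();
+}
+
+private static void validate(String authorization) {
+if (authorization == null) {
+throw new TokenMissingException();
+}
+if (!authorization.matches(BEARER_JWT_REGEX)) {
+throw new TokenInvalidException();
+}
+}
+
+}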
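Review bot: `authorization.matches(BEARER_JWT_REGEX)` in `validate` recompiles the pattern on every request, and `replace(BEARER_TYPE, "").trim()` in `extract` removes every occurrence of the prefix rather than the leading one. A precompiled `private static final Pattern BEARER_JWT = Pattern.compile(BEARER_JWT_REGEX);` with `BEARER_JWT.matcher(authorization).matches()`, and `return authorization.substring(BEARER_TYPE.length());`, say the same thing more directly. The unescaped `-` in the middle of `[A-Za-z0-9-_=]` is easy to misread as a range, so I would write it as `[A-Za-z0-9_=-]`. A one-line comment should also say that the regex is only a shape pre-filter: it accepts a token with an empty third segment, and `.`, `+` and `/` in that segment, so the signature check in `JwtParser` remains the real gate.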
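--- a/src/main/java/com/sickgyun/server/auth/util/JwtParser.java
+++ b/src/main/java/com/sickgyun/server/auth/util/JwtParser.java
@@ -0,0 +1,35 @@
+package com.sickgyun.server.auth.util;
+
+import org.springframework.stereotype.Component;
+
+import com.sickgyun.server.auth.exception.TokenExpiredException;
+import com.sickgyun.server.auth.exception.TokenInvalidException;
+import com.sickgyun.server.common.config.JwtCredentials;
+
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.Jwts;
+import lombok.RequiredArgsConstructor;
+
+@Component
+@RequiredArgsConstructor
+public class JwtParser {
+public static final String ID = "id";
+private final JwtCredentials jwtCredentials;
+
+public Long getIdFromJwt(String jwt) {
+try {
+return Long.parseLong(Jwts.parserBuilder()
+.setSigningKey(jwtCredentials.secretKey())
+.build()
+.parseClaimsJws(jwt)
+.getBody()
+.get(ID)
+.toString());
+} catch (ExpiredJwtException e) {
+throw new TokenExpiredException();
+} catch (JwtException e) {
+throw new TokenInvalidException();
+}
+}
+}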
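Review bot: A correctly signed token that has no `id` claim, or a non-numeric one, escapes both catch blocks in `getIdFromJwt`. `.get(ID).toString()` throws `NullPointerException` and `Long.parseLong` throws `NumberFormatException`, and neither is a `JwtException`, so the caller most likely gets a server error instead of `TokenInvalidException`. The claim should be null-checked and the parse failure mapped to the same invalid-token path, as sketched below. Both handlers also discard `e`; if the project's exception types accept a cause, passing it along would keep the parser's reason available in server logs.

```java
public Long getIdFromJwt(String jwt) {
    try {
        Object id = Jwts.parserBuilder()
            // … unchanged: setSigningKey, build, parseClaimsJws, getBody …
            .get(ID);
        if (id == null) {
            throw new TokenInvalidException();
        }
        return Long.parseLong(id.toString());
    // … unchanged: ExpiredJwtException handler …
    } catch (JwtException | NumberFormatException e) {
        throw new TokenInvalidException();
    }
}
```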
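--- a/src/main/java/com/sickgyun/server/common/config/InterceptorConfig.java
+++ b/src/main/java/com/sickgyun/server/common/config/InterceptorConfig.java
@@ -0,0 +1,25 @@
+package com.sickgyun.server.common.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import com.sickgyun.server.auth.interceptor.AuthInterceptor;
+import com.sickgyun.server.auth.repository.AuthRepository;
+import com.sickgyun.server.auth.util.JwtParser;
+import com.sickgyun.server.user.domain.repository.UserRepository;
+
+import lombok.RequiredArgsConstructor;
+
+@Configuration
+@RequiredArgsConstructor
+public class InterceptorConfig implements WebMvcConfigurer {
+private final JwtParser jwtParser;
+private final AuthRepository authRepository;
+private final UserRepository userRepository;
+
+@Override
+public void addInterceptors(InterceptorRegistry registry) {
+registry.addInterceptor(new AuthInterceptor(jwtParser, authRepository, userRepository));
+}
+}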
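Review bot: `registry.addInterceptor(new AuthInterceptor(jwtParser, authRepository, userRepository))` builds a second interceptor next to the one Spring already creates, because `AuthInterceptor` is itself annotated `@Configuration` in this commit. Injecting the bean keeps a single instance and removes the three pass-through fields: `private final AuthInterceptor authInterceptor;` and `registry.addInterceptor(authInterceptor);`. `@Component` would also describe `AuthInterceptor` better than `@Configuration`, since it declares no beans. The registration has no path patterns, so the interceptor runs for every mapped request; a short comment saying that this is intended would help the next reader.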
@@ -0,0 +1,6 @@ | ||
package com.sickgyun.server.user.domain.role; | ||
|
||
public enum Role { | ||
ADMIN, | ||
USER | ||
} |
19 changes: 0 additions & 19 deletions
19
src/main/java/com/sickgyun/server/user/service/UserTempService.java
This file was deleted.