Merge pull request #22 from HongikGraduationProject/imei-login#2

Imei login#2
HongikGraduationProject · Jun 30, 2024 · 578907f · 578907f
2 parents 862ccca + 510bf2c
commit 578907f
Show file tree

Hide file tree

Showing 14 changed files with 100 additions and 87 deletions.
diff --git a/src/main/java/com/hongik/graduationproject/config/SecurityConfig.java b/src/main/java/com/hongik/graduationproject/config/SecurityConfig.java
@@ -1,6 +1,7 @@
 package com.hongik.graduationproject.config;
 
 import com.hongik.graduationproject.jwt.JwtAuthenticationFilter;
+import com.hongik.graduationproject.jwt.JwtExceptionFilter;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -19,31 +20,24 @@ public class SecurityConfig {
 
     private final JwtAuthenticationFilter jwtAuthenticationFilter;
 
-    @Bean
-    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        return http
-                .csrf(AbstractHttpConfigurer::disable)
-                .authorizeHttpRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())
-                .build();
-    }
-
     @Bean
     protected SecurityFilterChain configure(HttpSecurity httpSecurity) throws Exception{
         httpSecurity
                 .cors(Customizer.withDefaults())
                 .csrf(AbstractHttpConfigurer::disable)
                 .httpBasic(AbstractHttpConfigurer::disable)
+                .formLogin(AbstractHttpConfigurer::disable)
                 .sessionManagement((sessionManagement) ->
                         sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authorizeHttpRequests((authorizeHttpRequests) ->
                         authorizeHttpRequests
                                 .requestMatchers( "/api/auth/**").permitAll()
                                 .requestMatchers( "/v3/api-docs/**").permitAll()
                                 .requestMatchers( "/swagger-ui/**").permitAll()
-                                .anyRequest().authenticated());
+                                .anyRequest().hasRole("USER"));
 
         httpSecurity.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
-
+        httpSecurity.addFilterBefore(new JwtExceptionFilter(), JwtAuthenticationFilter.class);
         return httpSecurity.build();
     }
 }
diff --git a/src/main/java/com/hongik/graduationproject/controller/AuthController.java b/src/main/java/com/hongik/graduationproject/controller/AuthController.java
@@ -1,12 +1,10 @@
 package com.hongik.graduationproject.controller;
 
 import com.hongik.graduationproject.domain.dto.Response;
-import com.hongik.graduationproject.domain.dto.auth.ImeiJoinRequest;
-import com.hongik.graduationproject.domain.dto.auth.ImeiJoinResponse;
+import com.hongik.graduationproject.domain.dto.auth.IssueRequest;
+import com.hongik.graduationproject.domain.dto.auth.IssueTokenResponse;
 import com.hongik.graduationproject.domain.dto.auth.ReissueRequest;
 import com.hongik.graduationproject.domain.dto.auth.ReissueResponse;
-import com.hongik.graduationproject.domain.dto.video.VideoSummaryInitiateResponse;
-import com.hongik.graduationproject.service.auth.AuthService;
 import com.hongik.graduationproject.service.auth.ImeiAuthService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.media.Content;
@@ -24,18 +22,10 @@ public class AuthController {
 
     private final ImeiAuthService imeiAuthService;
 
-    @Operation(summary = "reissue 요청", description = "reissue를 위한 메소드")
-    @ApiResponse(content = @Content(schema = @Schema(implementation = ReissueRequest.class)))
-    @PostMapping("/reissue")
-    public  Response<ReissueResponse> reissueToken(@RequestBody ReissueRequest reissueRequest) {
-        return Response.createSuccess(imeiAuthService.reissueToken(reissueRequest));
-    }
-
-
-    @Operation(summary = "회원가입 요청", description = "imei를 사용한 회원가입을 위한 메소드")
-    @ApiResponse(content = @Content(schema = @Schema(implementation = ImeiJoinRequest.class)))
+    @Operation(summary = "토큰 발급 요청", description = "imei를 사용한 토큰 발급을 위한 메소드")
+    @ApiResponse(content = @Content(schema = @Schema(implementation = IssueTokenResponse.class)))
     @PostMapping("")
-    public Response<ImeiJoinResponse> joinUserWithImei(@RequestBody ImeiJoinRequest imeiJoinRequest) {
-        return Response.createSuccess(imeiAuthService.joinUserWithImei(imeiJoinRequest));
+    public Response<IssueTokenResponse> issueTokenByImei(@RequestBody IssueRequest issueRequest) {
+        return Response.createSuccess(imeiAuthService.issueTokenFromImei(issueRequest));
     }
 }
diff --git a/src/main/java/com/hongik/graduationproject/controller/VideoSummaryController.java b/src/main/java/com/hongik/graduationproject/controller/VideoSummaryController.java
@@ -70,8 +70,4 @@ public Response<VideoSummaryListResponse> getAllSummariesByCategoryId(@Parameter
         return Response.createSuccess(videoSummaryService.getAllSummariesByCategoryId(categoryId));
     }
 
-    @GetMapping("/hi")
-    public Response<String> hi() {
-        return Response.createSuccess("hi");
-    }
 }
diff --git a/src/main/java/com/hongik/graduationproject/domain/dto/auth/ImeiJoinResponse.java b/src/main/java/com/hongik/graduationproject/domain/dto/auth/ImeiJoinResponse.java
diff --git a/...ject/domain/dto/auth/ImeiJoinRequest.java → ...project/domain/dto/auth/IssueRequest.java b/...ject/domain/dto/auth/ImeiJoinRequest.java → ...project/domain/dto/auth/IssueRequest.java
@@ -1,6 +1,6 @@
 package com.hongik.graduationproject.domain.dto.auth;
 
-public record ImeiJoinRequest(
+public record IssueRequest(
         String imei
 ) {
 }
diff --git a/src/main/java/com/hongik/graduationproject/domain/dto/auth/IssueTokenResponse.java b/src/main/java/com/hongik/graduationproject/domain/dto/auth/IssueTokenResponse.java
@@ -0,0 +1,6 @@
+package com.hongik.graduationproject.domain.dto.auth;
+
+public record IssueTokenResponse(
+        String accessToken
+) {
+}
diff --git a/src/main/java/com/hongik/graduationproject/exception/ErrorCode.java b/src/main/java/com/hongik/graduationproject/exception/ErrorCode.java
@@ -7,6 +7,7 @@
 @AllArgsConstructor
 @Getter
 public enum ErrorCode {
+    // 서비스 관련 에러
     INVALID_VIDEO_URL(HttpStatus.BAD_REQUEST, "유효하지 않은 영상 URL입니다."),
     ALREADY_REQUESTED_SUMMARIZING(HttpStatus.BAD_REQUEST, "사용자가 이미 해당 영상을 요약 요청했습니다."),
     FAILED_TO_EXTRACT_EXTRACT_ID(HttpStatus.BAD_REQUEST, "영상의 고유 ID를 추출하는데 실패했습니다."),
@@ -15,8 +16,11 @@ public enum ErrorCode {
     SUMMARIZING_STATUS_NOT_EXIST(HttpStatus.NOT_FOUND, "요약 정보를 찾을 수 없습니다."),
     CATEGORY_NOT_EXIST(HttpStatus.NOT_FOUND, "카테고리를 찾을 수 없습니다."),
     USER_ALREADY_EXISTS(HttpStatus.CONFLICT, "이미 가입한 사용자입니다."),
-    JWT_NOT_EXISTS(HttpStatus.BAD_REQUEST, "요청에 JWT가 존재하지 않습니다."),
-    INVALID_JWT(HttpStatus.BAD_REQUEST, "유효하지 않은 JWT입니다.");
+
+    // JWT 관련 에러
+    JWT_NOT_EXISTS(HttpStatus.UNAUTHORIZED, "요청에 JWT가 존재하지 않습니다."),
+    INVALID_JWT(HttpStatus.UNAUTHORIZED, "유효하지 않은 JWT입니다."),
+    JWT_EXPIRED(HttpStatus.UNAUTHORIZED, "JWT가 만료되었습니다.");
 
     private final HttpStatus httpStatus;
     private final String message;

diff --git a/src/main/java/com/hongik/graduationproject/jwt/JwtAuthenticationFilter.java b/src/main/java/com/hongik/graduationproject/jwt/JwtAuthenticationFilter.java
@@ -6,11 +6,14 @@
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
+import java.util.Collection;
+import java.util.Collections;
 
 @Component
 @RequiredArgsConstructor
@@ -30,8 +33,8 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
     private void setAuthentication(String accessToken) {
         Long userId = tokenProvider.parseUserId(accessToken);
-
-        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userId, "");
+        UsernamePasswordAuthenticationToken authenticationToken =
+                new UsernamePasswordAuthenticationToken(userId, "", Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")));
         SecurityContextHolder.getContext().setAuthentication(authenticationToken);
     }
 

diff --git a/src/main/java/com/hongik/graduationproject/jwt/JwtExceptionFilter.java b/src/main/java/com/hongik/graduationproject/jwt/JwtExceptionFilter.java
@@ -0,0 +1,46 @@
+package com.hongik.graduationproject.jwt;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.hongik.graduationproject.exception.AppException;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.AllArgsConstructor;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+@Component
+@AllArgsConstructor
+public class JwtExceptionFilter extends OncePerRequestFilter {
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        try {
+            System.out.println("필터 탐1 +++++++++++++++");
+            filterChain.doFilter(request, response);
+        } catch (AppException e) {
+            setErrorResponse(request, response, e);
+            System.out.println("필터 탐2 +++++++++++++++");
+        }
+    }
+
+    public void setErrorResponse(HttpServletRequest request, HttpServletResponse response, AppException ex) throws IOException {
+        final Map<String, Object> body = new HashMap<>();
+        final ObjectMapper mapper = new ObjectMapper();
+
+        System.out.println(ex.getErrorCode().getMessage());
+        body.put("result", "error");
+        body.put("message", ex.getErrorCode().getMessage());
+        body.put("data", null);
+
+        response.setContentType("application/json; charset=UTF-8");
+        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        response.getWriter().write(mapper.writeValueAsString(body));
+    }
+}
diff --git a/src/main/java/com/hongik/graduationproject/jwt/TokenProvider.java b/src/main/java/com/hongik/graduationproject/jwt/TokenProvider.java
@@ -43,8 +43,10 @@ public boolean validateToken(String token) {
         }
         try {
             Jwts.parser().setSigningKey(jwtSecretKey).parseClaimsJws(token).getBody();
-        } catch (SignatureException | ExpiredJwtException e) {
+        } catch (SignatureException | MalformedJwtException e) {
             throw new AppException(ErrorCode.INVALID_JWT);
+        } catch (ExpiredJwtException e ) {
+            throw new AppException(ErrorCode.JWT_EXPIRED);
         }
         return true;
     }

diff --git a/src/main/java/com/hongik/graduationproject/repository/UserRepository.java b/src/main/java/com/hongik/graduationproject/repository/UserRepository.java
@@ -11,5 +11,6 @@ public interface UserRepository extends JpaRepository<User, Long> {
     public User findByKakaoId(Long kakaoId);
     Optional<User> findById(Long id);
     Optional<User> findByEmail(String email);
+    Optional<User> findByImei(String imei);
     boolean existsByImei(String imei);
 }
diff --git a/src/main/java/com/hongik/graduationproject/service/VideoSummaryService.java b/src/main/java/com/hongik/graduationproject/service/VideoSummaryService.java
@@ -70,8 +70,6 @@ private boolean checkDuplicateSummarizing(String videoCode, Long userId) {
     public VideoSummaryDto getVideoSummaryById(Long videoSummaryId) {
         VideoSummary videoSummary = videoSummaryRepository.getReferenceById(videoSummaryId);
         VideoSummaryCategory videoSummaryCategory = videoSummaryCategoryRepository.findByVideoSummary(videoSummary);
-//        VideoSummary videoSummary =
-        //videoSummaryRepository.findById(videoSummaryId).orElseThrow(() -> new AppException(ErrorCode.VIDEO_SUMMARY_NOT_FOUND));
 
         return VideoSummaryDto.from(videoSummaryCategory);
     }
@@ -84,7 +82,6 @@ public VideoSummaryStatusResponse getStatus(String videoCode, Long userId) {
         if (statusCache.getStatus().equals(COMPLETE.name())) {
             Category category = categoryRepository.findDefaultCategoryByUserIdAndMainCategory(userId, statusCache.getGeneratedMainCategory())
                     .orElseThrow(() -> new AppException(ErrorCode.CATEGORY_NOT_EXIST));
-//            Category category = categoryRepository.findDefaultCategoryByUserIdAndMainCategory(1L, statusCache.getGeneratedMainCategory())
             VideoSummary videoSummary = videoSummaryRepository.getReferenceById(statusCache.getVideoSummaryId());
 
             videoSummaryCategoryRepository.save(VideoSummaryCategory.builder()

diff --git a/src/main/java/com/hongik/graduationproject/service/auth/ImeiAuthService.java b/src/main/java/com/hongik/graduationproject/service/auth/ImeiAuthService.java
@@ -1,14 +1,12 @@
 package com.hongik.graduationproject.service.auth;
 
-import com.hongik.graduationproject.domain.dto.auth.ImeiJoinRequest;
-import com.hongik.graduationproject.domain.dto.auth.ImeiJoinResponse;
+import com.hongik.graduationproject.domain.dto.auth.IssueRequest;
+import com.hongik.graduationproject.domain.dto.auth.IssueTokenResponse;
 import com.hongik.graduationproject.domain.dto.auth.ReissueRequest;
 import com.hongik.graduationproject.domain.dto.auth.ReissueResponse;
 import com.hongik.graduationproject.domain.entity.Category;
 import com.hongik.graduationproject.domain.entity.User;
 import com.hongik.graduationproject.enums.MainCategory;
-import com.hongik.graduationproject.exception.AppException;
-import com.hongik.graduationproject.exception.ErrorCode;
 import com.hongik.graduationproject.jwt.TokenProvider;
 import com.hongik.graduationproject.repository.CategoryRepository;
 import com.hongik.graduationproject.repository.UserRepository;
@@ -23,54 +21,42 @@
 @RequiredArgsConstructor
 @Slf4j
 public class ImeiAuthService {
-
     private final UserRepository userRepository;
     private final CategoryRepository categoryRepository;
     private final TokenProvider tokenProvider;
 
-    public ImeiJoinResponse joinUserWithImei(ImeiJoinRequest imeiJoinRequest) {
-        checkDuplicateUser(imeiJoinRequest);
-
-        User savedUser = userRepository.save(User.builder()
-                            .imei(imeiJoinRequest.imei())
-                            .build());
-
-        createCategories(savedUser);
+    public IssueTokenResponse issueTokenFromImei(IssueRequest issueRequest) {
+        User user;
+        if (!userRepository.existsByImei(issueRequest.imei())) {
+            user = createUser(issueRequest);
+        } else {
+            user = userRepository.findByImei(issueRequest.imei()).get();
+        }
 
-        String accessToken = tokenProvider.createAccessToken(savedUser.getId());
-        String refreshToken = tokenProvider.createRefreshToken(savedUser.getId());
+        String accessToken = tokenProvider.createAccessToken(user.getId());
 
-        return new ImeiJoinResponse(accessToken, refreshToken);
+        return new IssueTokenResponse(accessToken);
     }
 
-    public ReissueResponse reissueToken(ReissueRequest reissueRequest) {
-        Long userId = tokenProvider.parseUserId(reissueRequest.getAccessToken());
-
-        tokenProvider.validateToken(reissueRequest.getRefreshToken());
-
-        String newAccessToken = tokenProvider.createAccessToken(userId);
-        String newRefreshToken = tokenProvider.createRefreshToken(userId);
+    private User createUser(IssueRequest issueRequest) {
+        User user;
+        user = userRepository.save(User.builder()
+                .imei(issueRequest.imei())
+                .build());
 
-        return new ReissueResponse(newAccessToken, newRefreshToken);
+        createCategories(user);
+        return user;
     }
 
     private void createCategories(User savedUser) {
         List<Category> categoryList = new ArrayList<>();
         for (MainCategory mainCategory : MainCategory.values()) {
             categoryList.add(Category.builder()
-                            .user(savedUser)
-                            .mainCategory(mainCategory)
-                            .subCategory("기타")
-                            .build());
+                    .user(savedUser)
+                    .mainCategory(mainCategory)
+                    .subCategory("기타")
+                    .build());
         }
         categoryRepository.saveAll(categoryList);
     }
-
-    private void checkDuplicateUser(ImeiJoinRequest imeiJoinRequest) {
-        if (userRepository.existsByImei(imeiJoinRequest.imei())) {
-            throw new AppException(ErrorCode.USER_ALREADY_EXISTS);
-        }
-    }
-
-
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -4,13 +4,10 @@ server:
 
 jwt:
   secret: ${JWT_SECRET_KEY}
-#  # 5시간
-#  access-token-time: 2592000000
   # 10일
   access-token-time: 864000000
   # 30일
   refresh-token-time: 2592000000
-# RabbitMQ ?? ??
 spring:
 
   rabbitmq: