From ff62618f21123b73a86b1066909dda4cbbde46d9 Mon Sep 17 00:00:00 2001
From: yxhwxn
Date: Thu, 1 Aug 2024 02:57:34 +0900
Subject: [PATCH] =?UTF-8?q?Refactor:=20FilterChain=20=EB=B6=84=EB=A6=AC,?=
 =?UTF-8?q?=20setting=20=ED=8C=8C=EC=9D=BC=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../security/config/WebSecurityConfig.java | 25 +-----
 .../global/security/jwt/JwtTokenProvider.java | 4 +-
 .../service/MemberDetailsService.java | 9 +-
 .../global/security/util/SecurityUtil.java | 3 +
 .../member/controller/dto/MemberDetails.java | 67 --------------
 .../service/command/MemberCommandService.java | 16 ----
 .../command/MemberCommandServiceImpl.java | 90 ------------------
 7 files changed, 13 insertions(+), 201 deletions(-)
 delete mode 100644 src/main/java/com/cmc/suppin/member/controller/dto/MemberDetails.java
 delete mode 100644 src/main/java/com/cmc/suppin/member/service/command/MemberCommandService.java
 delete mode 100644 src/main/java/com/cmc/suppin/member/service/command/MemberCommandServiceImpl.java
diff --git a/src/main/java/com/cmc/suppin/global/security/config/WebSecurityConfig.java b/src/main/java/com/cmc/suppin/global/security/config/WebSecurityConfig.java
index b546ef9..bb0f6a9 100644
--- a/src/main/java/com/cmc/suppin/global/security/config/WebSecurityConfig.java
+++ b/src/main/java/com/cmc/suppin/global/security/config/WebSecurityConfig.java
@@ -23,7 +23,6 @@
 import java.util.List;
 import static com.cmc.suppin.global.enums.UserRole.ROLE_USER;
-import static org.springframework.http.HttpMethod.DELETE;
 import static org.springframework.http.HttpMethod.PATCH;
 import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher;
@@ -62,23 +61,6 @@ public SecurityFilterChain securityFilterChainPermitAll(HttpSecurity http) throw
 return http.build();
 }
- /*
- @Bean
- public SecurityFilterChain securityFilterChainOAuth(HttpSecurity http) throws Exception {
- configureCommonSecuritySettings(http);
- http
- .securityMatchers(matchers -> matchers
- .requestMatchers(
- antMatcher("/login/**"),
- antMatcher("/login/oauth2/code/**")
- ))
- .authorizeHttpRequests(authorize -> authorize
- .anyRequest()
- .permitAll());
- return http.build();
- }
- */
-
 /**
 * 인증 및 인가가 필요한 엔드포인트에 적용되는 SecurityFilterChain 입니다.
 */
@@ -122,7 +104,7 @@ public SecurityFilterChain securityFilterChainDefault(HttpSecurity http) throws
 private RequestMatcher[] requestHasRoleUser() {
 List requestMatchers = List.of(
- antMatcher(DELETE, "/api/members"),
+ antMatcher("/api/v1/members/**"),
 antMatcher(PATCH, "/api/members")
 );
 return requestMatchers.toArray(RequestMatcher[]::new);
@@ -134,12 +116,9 @@ private RequestMatcher[] requestPermitAll() {
 antMatcher("/swagger-ui/**"),
 antMatcher("/actuator/**"),
 antMatcher("/v3/api-docs/**"),
- antMatcher("/ws/**"),
- antMatcher("/from/**"),
- antMatcher("/to/**"),
 antMatcher("/api/v1/members/login/**"),
 antMatcher("/api/v1/members/join"),
- antMatcher("/api/sse")
+ antMatcher("/api/v1/survey/reply/**")
 );
 return requestMatchers.toArray(RequestMatcher[]::new);
 }
diff --git a/src/main/java/com/cmc/suppin/global/security/jwt/JwtTokenProvider.java b/src/main/java/com/cmc/suppin/global/security/jwt/JwtTokenProvider.java
index 81cf13f..b3c703d 100644
--- a/src/main/java/com/cmc/suppin/global/security/jwt/JwtTokenProvider.java
+++ b/src/main/java/com/cmc/suppin/global/security/jwt/JwtTokenProvider.java
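Review bot: `antMatcher("/api/v1/members/**")` in requestHasRoleUser drops the `DELETE` restriction of the line it replaces and covers every method under /api/v1/members, including the `/api/v1/members/login/**` and `/api/v1/members/join` paths that requestPermitAll still lists in the next hunk. Which rule applies then depends on the order of the two SecurityFilterChain beans, which this hunk does not show; if the permit-all chain is not ordered first, login and join would require ROLE_USER. If the intent is still to protect only deletion, keep the verb, `antMatcher(DELETE, "/api/v1/members/**")`, and restore the DELETE import removed in the first hunk; otherwise a short comment on the list stating that the permit-all chain is expected to take precedence would make the overlap deliberate. The neighbouring `antMatcher(PATCH, "/api/members")` still uses the un-versioned path, which looks like a leftover.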
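Review bot: `antMatcher("/api/v1/survey/reply/**")` in requestPermitAll exposes every HTTP method under that prefix to unauthenticated callers, not only the submission of a reply; if anonymous respondents only need to post, bind the matcher to the verb, e.g. `antMatcher(POST, "/api/v1/survey/reply/**")` together with `import static org.springframework.http.HttpMethod.POST;`, so that reading or deleting replies stays in the authenticated chain. Whether reads are meant to be public cannot be told from this hunk, so at minimum the entry deserves a comment saying what it opens up. Removing the `/ws/**`, `/from/**`, `/to/**` and `/api/sse` entries silently moves those paths into the authenticated chain if the endpoints still exist; a comment or commit-message note saying they were deleted would settle that. requestPermitAll starts before the hunk.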
@@ -33,10 +33,10 @@ public class JwtTokenProvider {
 private static final String AUTHENTICATION_CLAIM_NAME = "roles";
 private static final String AUTHENTICATION_SCHEME = "Bearer ";
- @Value("${jwt.secret-key}")
+ @Value("${JWT_SECRET_KEY}")
 private String secretKey;
- @Value("${jwt.access-expiry-seconds}")
+ @Value("${ACCESS_EXPIRY_SECONDS}")
 private int accessExpirySeconds;
 // @Value("${jwt.refresh-expiry-seconds}")
diff --git a/src/main/java/com/cmc/suppin/global/security/service/MemberDetailsService.java b/src/main/java/com/cmc/suppin/global/security/service/MemberDetailsService.java
index c4c4321..378d38b 100644
--- a/src/main/java/com/cmc/suppin/global/security/service/MemberDetailsService.java
+++ b/src/main/java/com/cmc/suppin/global/security/service/MemberDetailsService.java
@@ -12,6 +12,7 @@
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
+import java.util.ArrayList;
 import java.util.List;
 import static com.cmc.suppin.global.exception.MemberErrorCode.MEMBER_ALREADY_DELETED;
@@ -46,8 +47,10 @@ public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundExce
 }
 private List getAuthorities(Member member) {
- return member.getRole() != null ?
- List.of(new SimpleGrantedAuthority(member.getRole().name()))
- : null;
+ List authorities = new ArrayList<>();
+ if (member.getRole() != null) {
+ authorities.add(new SimpleGrantedAuthority(member.getRole().name()));
+ }
+ return authorities;
 }
 }
diff --git a/src/main/java/com/cmc/suppin/global/security/util/SecurityUtil.java b/src/main/java/com/cmc/suppin/global/security/util/SecurityUtil.java
index ba94213..a523ea9 100644
--- a/src/main/java/com/cmc/suppin/global/security/util/SecurityUtil.java
+++ b/src/main/java/com/cmc/suppin/global/security/util/SecurityUtil.java
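Review bot: the new placeholders `${JWT_SECRET_KEY}` and `${ACCESS_EXPIRY_SECONDS}` use environment-variable names while the commented-out line two below keeps the old `${jwt.refresh-expiry-seconds}` form, so both naming schemes now sit in the same class; update or delete that comment. Spring's relaxed binding should already resolve `jwt.secret-key` from an environment variable named `JWT_SECRET_KEY`, so the rename mostly removes the option of setting the value under the old key in a properties file — if that is intended, a one-line comment such as `// signing secret and expiry are supplied only through the environment` would document it. Neither placeholder has a default, so a missing variable fails at startup instead of silently running with an empty secret, which is the right outcome for signing-key material; how `secretKey` is turned into a key is outside the hunk, so whether a minimum-length check exists cannot be judged here.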
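Review bot: getAuthorities now returns an empty list when `member.getRole()` is null, so a member with no role authenticates successfully and only fails later at authorization; if a null role is a data error, a log line or an exception at that `if` would surface it rather than hide it behind an empty authority list. If an empty list is the intended result, the mutable `ArrayList` can be replaced by a single immutable expression, `return member.getRole() == null ? List.of() : List.of(new SimpleGrantedAuthority(member.getRole().name()));`, which also makes the `java.util.ArrayList` import added in the previous hunk unnecessary. loadUserByUsername, whose closing brace opens this hunk, is otherwise outside it, so whether it already rejects role-less members cannot be told from here.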
@@ -6,12 +6,14 @@
 import com.cmc.suppin.global.security.user.UserDetailsImpl;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import java.util.Objects;
+@Slf4j
 @NoArgsConstructor(access = AccessLevel.PRIVATE)
 public class SecurityUtil {
@@ -24,6 +26,7 @@ public static Account getCurrentAccount() {
 private static void validateAuthentication(Authentication authentication) {
 if (Objects.isNull(authentication) || !(authentication instanceof UsernamePasswordAuthenticationToken)) {
+ log.error(">>>>>> Invalid Authentication : {}", authentication);
 throw new SecurityException(SecurityErrorCode.UNAUTHORIZED);
 }
 }
diff --git a/src/main/java/com/cmc/suppin/member/controller/dto/MemberDetails.java b/src/main/java/com/cmc/suppin/member/controller/dto/MemberDetails.java
deleted file mode 100644
index db9b49b..0000000
--- a/src/main/java/com/cmc/suppin/member/controller/dto/MemberDetails.java
+++ /dev/null
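Review bot: `log.error(">>>>>> Invalid Authentication : {}", authentication)` in validateAuthentication writes the whole Authentication object into the log; for Spring Security's token types toString includes the principal, the granted authorities and the WebAuthenticationDetails (remote address and session id), so session identifiers and user data end up in log files, and any custom token whose toString does not mask credentials would leak them too. Because the null branch covers every unauthenticated request that reaches getCurrentAccount, this also produces an ERROR entry for ordinary anonymous traffic. Logging only the type at warn level keeps the diagnostic value without the exposure: `log.warn("Invalid authentication type: {}", authentication == null ? "null" : authentication.getClass().getSimpleName());`. getCurrentAccount, the caller named in the hunk header, starts before the hunk.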
@@ -1,67 +0,0 @@
-package com.cmc.suppin.member.controller.dto;
-
-import com.cmc.suppin.member.domain.Member;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import java.util.ArrayList;
-import java.util.Collection;
-
-public class MemberDetails implements UserDetails {
-
- private final Member member;
-
- public MemberDetails(Member member) {
- this.member = member;
- }
-
- @Override
- public Collection getAuthorities() {
-
- Collection collection = new ArrayList<>();
-
- collection.add(new GrantedAuthority() {
- @Override
- public String getAuthority() {
- return member.getRole();
- }
- });
-
- return collection;
- }
-
- @Override
- public String getPassword() {
- return member.getPassword();
- }
-
- @Override
- public String getUsername() {
- return member.getUserId();
- }
-
- public String getUserId() {
- return member.getUserId();
- }
-
-
- @Override
- public boolean isAccountNonExpired() {
- return true;
- }
-
- @Override
- public boolean isAccountNonLocked() {
- return true;
- }
-
- @Override
- public boolean isCredentialsNonExpired() {
- return true;
- }
-
- @Override
- public boolean isEnabled() {
- return true;
- }
-}
diff --git a/src/main/java/com/cmc/suppin/member/service/command/MemberCommandService.java b/src/main/java/com/cmc/suppin/member/service/command/MemberCommandService.java
deleted file mode 100644
index 051b4c1..0000000
--- a/src/main/java/com/cmc/suppin/member/service/command/MemberCommandService.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package com.cmc.suppin.member.service.command;
-
-import com.cmc.suppin.member.controller.dto.MemberRequestDTO;
-import com.cmc.suppin.member.controller.dto.MemberResponseDTO;
-import com.cmc.suppin.member.domain.Member;
-
-public interface MemberCommandService {
-
- Member join(MemberRequestDTO.JoinDTO request);
-
- Boolean confirmUserId(MemberRequestDTO.IdConfirmDTO request);
-
- void deleteMember(String memberId);
-
- MemberResponseDTO.LoginResponseDTO login(MemberRequestDTO.LoginRequestDTO request);
-}
diff --git a/src/main/java/com/cmc/suppin/member/service/command/MemberCommandServiceImpl.java b/src/main/java/com/cmc/suppin/member/service/command/MemberCommandServiceImpl.java
deleted file mode 100644
index e5223fb..0000000
--- a/src/main/java/com/cmc/suppin/member/service/command/MemberCommandServiceImpl.java
+++ /dev/null
@@ -1,90 +0,0 @@
-package com.cmc.suppin.member.service.command;
-
-import com.cmc.suppin.global.security.jwt.JWTUtil;
-import com.cmc.suppin.member.controller.dto.MemberRequestDTO;
-import com.cmc.suppin.member.controller.dto.MemberResponseDTO;
-import com.cmc.suppin.member.converter.MemberConverter;
-import com.cmc.suppin.member.domain.Member;
-import com.cmc.suppin.member.domain.repository.MemberRepository;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-@Service
-@Slf4j
-@RequiredArgsConstructor
-@Transactional
-public class MemberCommandServiceImpl implements MemberCommandService {
-
- private final MemberRepository memberRepository;
- private final BCryptPasswordEncoder bCryptPasswordEncoder;
- private final MemberConverter memberConverter;
- private final JWTUtil jwtUtil;
-
- /**
- * 회원가입
- */
- @Override
- public Member join(MemberRequestDTO.JoinDTO request) {
- // 중복된 아이디 체크
- if (memberRepository.existsByUserId(request.getUserId())) {
- throw new IllegalArgumentException("이미 존재하는 유저입니다.");
- }
-
- // 비밀번호 조건 검증
- String password = request.getPassword();
- if (!isValidPassword(password)) {
- throw new IllegalArgumentException("비밀번호는 8~20자 영문, 숫자, 특수문자를 사용해야 합니다.");
- }
-
- // DTO를 Entity로 변환
- Member member = memberConverter.toEntity(request, bCryptPasswordEncoder);
-
- // 회원 정보 저장
- memberRepository.save(member);
-
- return member;
- }
-
- // 비밀번호 조건 검증 메서드
- private boolean isValidPassword(String password) {
- return password.matches("(?=.*[0-9])(?=.*[a-zA-Z])(?=.*\\W)(?=\\S+$).{8,20}");
- }
-
- /**
- * ID 중복 확인
- */
- @Override
- public Boolean confirmUserId(MemberRequestDTO.IdConfirmDTO request) {
- // 아이디 중복 체크
- return !memberRepository.existsByUserId(request.getUserId());
- }
-
- /**
- * 회원 탈퇴
- */
- @Override
- public void 
deleteMember(String memberId) {
- memberRepository.deleteByUserId(memberId);
- }
-
- /**
- * 로그인
- */
- @Override
- public MemberResponseDTO.LoginResponseDTO login(MemberRequestDTO.LoginRequestDTO request) {
- Member member = memberRepository.findByUserId(request.getUserId())
- .orElseThrow(() -> new IllegalArgumentException("Invalid user ID or password"));
-
- if (!bCryptPasswordEncoder.matches(request.getPassword(), member.getPassword())) {
- throw new IllegalArgumentException("Invalid user ID or password");
- }
-
- String token = jwtUtil.createJwt(member.getUserId(), member.getRole(), 604800000L); // 1주일 유효 토큰
- return MemberConverter.toLoginResponseDTO(token, member);
- }
-
-
-}