-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Spring MVC] 윤성원 미션 제출합니다. #24
Open
mete0rfish
wants to merge
16
commits into
next-step:mete0rfish
Choose a base branch
from
mete0rfish:main
base: mete0rfish
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
16 commits
Select commit
Hold shift + click to select a range
cc3abbc
feat: 1단계 기능
mete0rfish e2291ac
feat: 1단계 기능
mete0rfish c2b3130
feat: 2단계 기능
mete0rfish 86a4892
fix: HandlerMethodArgumentResolver용 커스텀 어노테이션 제거
mete0rfish 8f30fe5
feat: 3단계 기능
mete0rfish 506cdc2
refactor: secret키를 JwtProvider에 종속
mete0rfish 9b999b2
refactor: 토큰 추출 코드를 CookieUtil로
mete0rfish dd61bb6
refactor: Avoid Exception in AdminPageInterception about not found us…
mete0rfish 4c80a48
refactor: Avoid Exception in AdminPageInterception about not found us…
mete0rfish d2021d8
feat: 4단계
mete0rfish 4578228
feat: 5단계
mete0rfish 506e434
feat: 6단계
mete0rfish 756d748
refactor: Add dto packages
mete0rfish 8e70024
refactor: remove Optional
mete0rfish b910e8a
feat: 7단계
f4d2c36
feat: 8단계 요구사항 추가
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| package roomescape; | ||
|
|
||
| import org.springframework.boot.CommandLineRunner; | ||
| import org.springframework.context.annotation.Profile; | ||
| import org.springframework.stereotype.Component; | ||
| import roomescape.member.Member; | ||
| import roomescape.member.MemberRepository; | ||
|
|
||
| @Profile("default") | ||
| @Component | ||
| public class DataLoader implements CommandLineRunner { | ||
|
|
||
| private MemberRepository memberRepository; | ||
|
|
||
| public DataLoader(MemberRepository memberRepository) { | ||
| this.memberRepository = memberRepository; | ||
| } | ||
|
|
||
| @Override | ||
| public void run(String... args) throws Exception { | ||
| final Member member1 = memberRepository.save( new Member( | ||
| "어드민", "[email protected]", "password", "ADMIN" | ||
| )); | ||
| final Member member2 = memberRepository.save( new Member( | ||
| "브라운", "[email protected]", "password", "USER" | ||
| )); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| package roomescape; | ||
|
|
||
| import org.springframework.boot.CommandLineRunner; | ||
| import org.springframework.context.annotation.Profile; | ||
| import org.springframework.stereotype.Component; | ||
| import roomescape.member.Member; | ||
| import roomescape.member.MemberRepository; | ||
| import roomescape.reservation.Reservation; | ||
| import roomescape.reservation.ReservationRepository; | ||
| import roomescape.theme.Theme; | ||
| import roomescape.theme.ThemeRepository; | ||
| import roomescape.time.Time; | ||
| import roomescape.time.TimeRepository; | ||
|
|
||
| @Profile("test") | ||
| @Component | ||
| public class TestDataLoader implements CommandLineRunner { | ||
| private MemberRepository memberRepository; | ||
| private ThemeRepository themeRepository; | ||
| private TimeRepository timeRepository; | ||
| private ReservationRepository reservationRepository; | ||
|
|
||
| public TestDataLoader(MemberRepository memberRepository, ThemeRepository themeRepository, TimeRepository timeRepository, ReservationRepository reservationRepository) { | ||
| this.memberRepository = memberRepository; | ||
| this.themeRepository = themeRepository; | ||
| this.timeRepository = timeRepository; | ||
| this.reservationRepository = reservationRepository; | ||
| } | ||
|
|
||
| @Override | ||
| public void run(String... args) throws Exception { | ||
| final Member member1 = memberRepository.save(new Member("어드민", "[email protected]", "password", "ADMIN")); | ||
| final Member member2 = memberRepository.save(new Member("브라운", "[email protected]", "password", "USER")); | ||
|
|
||
| final Theme theme1 = themeRepository.save(new Theme("테마1", "테마1입니다.")); | ||
| final Theme theme2 = themeRepository.save(new Theme("테마2", "테마2입니다.")); | ||
| final Theme theme3 = themeRepository.save(new Theme("테마3", "테마3입니다.")); | ||
|
|
||
| final Time time1 = timeRepository.save(new Time("10:00")); | ||
| final Time time2 = timeRepository.save(new Time("12:00")); | ||
| final Time time3 = timeRepository.save(new Time("14:00")); | ||
| final Time time4 = timeRepository.save(new Time("16:00")); | ||
| final Time time5 = timeRepository.save(new Time("18:00")); | ||
| final Time time6 = timeRepository.save(new Time("20:00")); | ||
|
|
||
| reservationRepository.save(new Reservation("어드민", "2024-03-01", time1, theme1, member1)); | ||
| reservationRepository.save(new Reservation("어드민", "2024-03-01", time2, theme2, member1)); | ||
| reservationRepository.save(new Reservation("어드민", "2024-03-01", time3, theme3, member1)); | ||
| reservationRepository.save(new Reservation("브라운", "2024-03-01", time4, theme1, member2)); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| package roomescape.api; | ||
|
|
||
| import io.jsonwebtoken.Jwts; | ||
| import io.jsonwebtoken.security.Keys; | ||
|
|
||
| public class JwtDecoder { | ||
| public static Long decodeJwtToken(String token) { | ||
| Long memberId = Long.valueOf(Jwts.parserBuilder() | ||
| .setSigningKey(Keys.hmacShaKeyFor("Yn2kjibddFAWtnPJ2AFlL8WXmohJMCvigQggaEypa5E=".getBytes())) | ||
| .build() | ||
| .parseClaimsJws(token) | ||
| .getBody().getSubject()); | ||
| return memberId; | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| package roomescape.api; | ||
|
|
||
| import io.jsonwebtoken.Jwts; | ||
| import io.jsonwebtoken.security.Keys; | ||
| import roomescape.member.Member; | ||
|
|
||
| public class JwtUtils { | ||
|
|
||
| private String secretKey; | ||
|
|
||
| public JwtUtils() { | ||
|
|
||
| } | ||
|
|
||
| public JwtUtils(String secretKey) { | ||
| this.secretKey = secretKey; | ||
| } | ||
|
|
||
| public String createToken(Member member){ | ||
| return Jwts.builder() | ||
| .setSubject(member.getId().toString()) | ||
| .claim("name", member.getName()) | ||
| .claim("role", member.getRole()) | ||
| .signWith(Keys.hmacShaKeyFor(secretKey.getBytes())) | ||
| .compact(); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| package roomescape.auth; | ||
|
|
||
| import jakarta.servlet.http.HttpServletRequest; | ||
| import jakarta.servlet.http.HttpServletResponse; | ||
| import org.springframework.stereotype.Component; | ||
| import org.springframework.web.servlet.HandlerInterceptor; | ||
| import roomescape.api.JwtDecoder; | ||
| import roomescape.exception.NotFoundException; | ||
| import roomescape.exception.UnauthorizedException; | ||
| import roomescape.member.Member; | ||
| import roomescape.member.MemberService; | ||
| import roomescape.util.CookieUtil; | ||
|
|
||
| @Component | ||
| public class AdminInterceptor implements HandlerInterceptor { | ||
| private MemberService memberService; | ||
|
|
||
| public AdminInterceptor(MemberService memberService) { | ||
| this.memberService = memberService; | ||
| } | ||
|
|
||
| @Override | ||
| public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { | ||
| try { | ||
| String token = CookieUtil.extractTokenFromCookie(request.getCookies()); | ||
| Long id = JwtDecoder.decodeJwtToken(token); | ||
| Member member = memberService.findById(id); | ||
|
|
||
| if (member == null) { | ||
| throw new NotFoundException("유저를 찾을 수 없습니다."); | ||
| } else if (!member.getRole().equals("ADMIN")) { | ||
| throw new UnauthorizedException("관리자 회원이 아닙니다."); | ||
| } | ||
|
|
||
| return true; | ||
| } catch (NotFoundException | UnauthorizedException e) { | ||
| response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); | ||
| response.getWriter().write(e.getMessage()); | ||
| return false; | ||
| } catch(Exception e) { | ||
| response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); | ||
| response.getWriter().write("예상치 못한 오류가 발생했습니다."); | ||
| return false; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| package roomescape.auth; | ||
|
|
||
| import org.springframework.beans.factory.annotation.Value; | ||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import roomescape.api.JwtUtils; | ||
|
|
||
| @Configuration | ||
| public class AuthConfig { | ||
| @Bean | ||
| public JwtUtils jwtProvider( | ||
| @Value("${roomescape.auth.jwt.secret}") | ||
| String secretKey | ||
| ) { | ||
| return new JwtUtils(secretKey); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| package roomescape.auth; | ||
|
|
||
| import org.springframework.stereotype.Service; | ||
| import roomescape.api.JwtDecoder; | ||
| import roomescape.member.dto.LoginMember; | ||
| import roomescape.member.Member; | ||
| import roomescape.member.MemberService; | ||
|
|
||
| @Service | ||
| public class AuthService { | ||
| private MemberService memberService; | ||
|
|
||
| public AuthService(MemberService memberService) { | ||
| this.memberService = memberService; | ||
| } | ||
|
|
||
| public LoginMember getLoginMemberWithToken(String token) { | ||
| Long id = JwtDecoder.decodeJwtToken(token); | ||
| Member member = memberService.findById(id); | ||
| return new LoginMember(member.getId(), member.getName(), member.getEmail(), member.getPassword()); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| package roomescape.config; | ||
|
|
||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.web.servlet.config.annotation.InterceptorRegistry; | ||
| import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; | ||
| import roomescape.auth.AdminInterceptor; | ||
|
|
||
| @Configuration | ||
| public class InterceptorConfig implements WebMvcConfigurer { | ||
| private AdminInterceptor adminInterceptor; | ||
|
|
||
|
|
||
| public InterceptorConfig(AdminInterceptor adminInterceptor) { | ||
| this.adminInterceptor = adminInterceptor; | ||
| } | ||
|
|
||
| @Override | ||
| public void addInterceptors(InterceptorRegistry registry) { | ||
| registry.addInterceptor(adminInterceptor) | ||
| .addPathPatterns("/admin"); | ||
| } | ||
| } |
39 changes: 39 additions & 0 deletions
39
src/main/java/roomescape/config/LoginMemberArgumentResolver.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| package roomescape.config; | ||
|
|
||
| import jakarta.servlet.http.Cookie; | ||
| import jakarta.servlet.http.HttpServletRequest; | ||
| import org.springframework.core.MethodParameter; | ||
| import org.springframework.stereotype.Component; | ||
| import org.springframework.web.bind.support.WebDataBinderFactory; | ||
| import org.springframework.web.context.request.NativeWebRequest; | ||
| import org.springframework.web.method.support.HandlerMethodArgumentResolver; | ||
| import org.springframework.web.method.support.ModelAndViewContainer; | ||
| import roomescape.api.JwtDecoder; | ||
| import roomescape.auth.AuthService; | ||
| import roomescape.member.Member; | ||
| import roomescape.util.CookieUtil; | ||
|
|
||
| @Component | ||
| public class LoginMemberArgumentResolver implements HandlerMethodArgumentResolver { | ||
| private AuthService authService; | ||
|
|
||
| public LoginMemberArgumentResolver(AuthService authService) { | ||
| this.authService = authService; | ||
| } | ||
|
|
||
| @Override | ||
| public boolean supportsParameter(MethodParameter parameter) { | ||
| return Member.class.isAssignableFrom(parameter.getParameterType()); | ||
| } | ||
|
|
||
| @Override | ||
| public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception { | ||
| HttpServletRequest request = webRequest.getNativeRequest(HttpServletRequest.class); | ||
| Cookie[] cookies = request.getCookies(); | ||
| String token = CookieUtil.extractTokenFromCookie(cookies); | ||
| if(token == null){ | ||
| return null; | ||
| } | ||
| return authService.getLoginMemberWithToken(token); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| package roomescape.config; | ||
|
|
||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.web.method.support.HandlerMethodArgumentResolver; | ||
| import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; | ||
|
|
||
| import java.util.List; | ||
|
|
||
| @Configuration | ||
| public class WebConfig implements WebMvcConfigurer { | ||
| private final LoginMemberArgumentResolver loginMemberArgumentResolver; | ||
|
|
||
| public WebConfig(LoginMemberArgumentResolver loginMemberArgumentResolver) { | ||
| this.loginMemberArgumentResolver = loginMemberArgumentResolver; | ||
| } | ||
|
|
||
| @Override | ||
| public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) { | ||
| resolvers.add(loginMemberArgumentResolver); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| package roomescape.exception; | ||
|
|
||
| public class NotFoundException extends RuntimeException { | ||
| public NotFoundException(String message) { | ||
| super(message); | ||
| } | ||
| } |
7 changes: 7 additions & 0 deletions
7
src/main/java/roomescape/exception/UnauthorizedException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| package roomescape.exception; | ||
|
|
||
| public class UnauthorizedException extends RuntimeException { | ||
| public UnauthorizedException(String message) { | ||
| super(message); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
JwtDecoder와JwtProvider를 나눠서 진행한 것이 인상깊습니다.시크릿키가 여러 곳에서 사용되는 것을 막기위해 JwtProvider에서만 사용하셨다고 하셨는데, 디코더에서는 노출되게 작성해도 괜찮은 것일까요? 이 부분 궁금합니다!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
실수가 있었네요. 9번째 줄에 있는 scretkey 또한 필드에서 @value를 통해 사용하도록 수정해볼께요.