Merge pull request #15 from dsc-sookmyung/feature/auth-backend

[#5] feat: join, login api

spring/notinote/build.gradle

@@ -23,9 +23,17 @@ repositories {
 }
 
 dependencies {
+	implementation 'io.jsonwebtoken:jjwt-api:0.11.2'
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-	//implementation 'org.springframework.boot:spring-boot-starter-security'
+	implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
+	implementation 'org.springframework.boot:spring-boot-starter-validation'
+	implementation 'org.springframework.boot:spring-boot-starter-security'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
+	implementation 'io.jsonwebtoken:jjwt-api:0.11.2'
+	implementation 'jakarta.xml.bind:jakarta.xml.bind-api:2.3.2'
+	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.2'
+	runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.2'
+	developmentOnly 'org.springframework.boot:spring-boot-devtools'
 	compileOnly 'org.projectlombok:lombok'
 	runtimeOnly 'mysql:mysql-connector-java'
 	annotationProcessor 'org.projectlombok:lombok'

spring/notinote/src/main/java/com/answer/notinote/Config/properties/AppProperties.java

@@ -0,0 +1,57 @@
+package com.answer.notinote.Config.properties;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@ConfigurationProperties(prefix = "app")
+public class AppProperties {
+
+    private final Auth auth = new Auth();
+
+    private final OAuth2 oauth2 = new OAuth2();
+
+    public static class Auth {
+
+        private String tokenSecret;
+
+        private long tokenExpirationMsec;
+
+        public String getTokenSecret() {
+            return tokenSecret;
+        }
+
+        public void setTokenSecret(String tokenSecret) {
+            this.tokenSecret = tokenSecret;
+        }
+
+        public long getTokenExpirationMsec() {
+            return tokenExpirationMsec;
+        }
+
+        public void setTokenExpirationMsec(long tokenExpirationMsec) {
+            this.tokenExpirationMsec = tokenExpirationMsec;
+        }
+    }
+
+    public static final class OAuth2 {
+
+        private List<String> authorizedRedirectUris = new ArrayList<>();
+
+        public List<String> getAuthorizedRedirectUris() {
+            return authorizedRedirectUris;
+        }
+        public OAuth2 authorizedRedirectUris(List<String> authorizedRedirectUris) {
+            this.authorizedRedirectUris = authorizedRedirectUris;
+            return this;
+        }
+    }
+
+    public Auth getAuth() {
+        return auth;
+    }
+    public OAuth2 getOauth2() {
+        return oauth2;
+    }
+}

spring/notinote/src/main/java/com/answer/notinote/Config/properties/CorsProperties.java

@@ -0,0 +1,14 @@
+package com.answer.notinote.Config.properties;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@Getter @Setter
+@ConfigurationProperties(prefix = "cors")
+public class CorsProperties {
+    private String allowedOrigins;
+    private String allowedMethods;
+    private String allowedHeaders;
+    private Long maxAge;
+}

spring/notinote/src/main/java/com/answer/notinote/Config/security/JwtConfig.java

@@ -0,0 +1,13 @@
+package com.answer.notinote.Config.security;
+
+import com.answer.notinote.auth.token.JwtTokenProvider;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class JwtConfig {
+
+    @Value("${jwt.secret}")
+    private String secret;
+}

spring/notinote/src/main/java/com/answer/notinote/Config/security/WebSecurityConfig.java

@@ -0,0 +1,59 @@
+package com.answer.notinote.Config.security;
+
+import com.answer.notinote.auth.data.RoleType;
+import com.answer.notinote.auth.filter.JwtAuthenticationFilter;
+import com.answer.notinote.auth.filter.OAuth2AccessTokenAuthenticationFilter;
+import com.answer.notinote.auth.handler.OAuth2LoginFailureHandler;
+import com.answer.notinote.auth.handler.OAuth2LoginSuccessHandler;
+import com.answer.notinote.auth.token.JwtTokenProvider;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+/**
+ * Spring Security 설정 클래스
+ */
+@Configuration
+@RequiredArgsConstructor
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    private final JwtTokenProvider jwtTokenProvider;
+    private final OAuth2AccessTokenAuthenticationFilter oAuth2AccessTokenAuthenticationFilter;
+    private final OAuth2LoginSuccessHandler oAuth2LoginSuccessHandler;
+    private final OAuth2LoginFailureHandler oAuth2LoginFailureHandler;
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                    .httpBasic().disable()
+                    .csrf().disable()
+                    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and()
+                    .authorizeRequests()
+                    .antMatchers("/", "/login/*", "/join", "/join/*").permitAll()
+                .and()
+                    .authorizeRequests()
+                    .antMatchers("/test/user")
+                    .hasRole("USER")
+                .and()
+                    .authorizeRequests()
+                    .antMatchers("/test/admin")
+                    .hasRole("ADMIN")
+                .and()
+                    .authorizeRequests()
+                    .anyRequest()
+                    .authenticated()
+                .and()
+                .oauth2Login()
+                .successHandler(oAuth2LoginSuccessHandler)
+                .failureHandler(oAuth2LoginFailureHandler)
+                .and()
+                .addFilterBefore(oAuth2AccessTokenAuthenticationFilter,
+                        UsernamePasswordAuthenticationFilter.class);
+    }
+}

spring/notinote/src/main/java/com/answer/notinote/NotinoteApplication.java

@@ -1,9 +1,14 @@
 package com.answer.notinote;
 
+import com.answer.notinote.Config.properties.AppProperties;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
+@EnableJpaAuditing
 @SpringBootApplication
+@EnableConfigurationProperties(AppProperties.class)
 public class NotinoteApplication {
 
 	public static void main(String[] args) {

spring/notinote/src/main/java/com/answer/notinote/User/controller/UserController.java

@@ -0,0 +1,78 @@
+package com.answer.notinote.User.controller;
+
+import com.answer.notinote.User.dto.JoinRequestDto;
+import com.answer.notinote.auth.token.JwtTokenProvider;
+import com.answer.notinote.User.domain.entity.User;
+import com.answer.notinote.User.dto.UserRequestDto;
+import com.answer.notinote.User.service.UserService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("")
+public class UserController {
+
+    private final UserService userService;
+
+    private final JwtTokenProvider jwtTokenProvider;
+
+    @GetMapping("/join/{id}")
+    public ResponseEntity<?> auth_success(@PathVariable("id") long id) {
+        System.out.println("/join/id 입니다.");
+        User user = userService.findUserById(id);
+        return ResponseEntity.ok(user);
+    }
+
+    // 회원가입
+    @PostMapping("/join")
+    public ResponseEntity<?> join(@RequestBody JoinRequestDto requestDto) {
+        return ResponseEntity.ok(userService.join(requestDto));
+    }
+
+    // 로그인
+    @GetMapping("/login/{id}")
+    public ResponseEntity<?> login(@PathVariable("id") long id) {
+        User user = userService.findUserById(id);
+
+        String token = jwtTokenProvider.createToken(user.getUemail(), user.getUroleType());
+        return ResponseEntity.ok(token);
+    }
+
+    // token 재발급
+    @PostMapping("/refresh")
+    public String validateRefreshToken(@RequestHeader("REFRESH-TOKEN") String refreshToken) {
+        return "";
+    }
+
+    // 회원정보 수정
+    @PatchMapping()
+    public User update(@RequestParam Long id, @RequestBody UserRequestDto requestDto) {
+        return userService.update(id, requestDto);
+    }
+
+    // 이메일로 회원 조회
+    @GetMapping("/user/email")
+    public User readByEmail(@RequestParam String email) {
+        return userService.findUserByEmail(email);
+    }
+
+    // 전체 회원 조회
+    @GetMapping("/user/list")
+    public List<User> readAll() {
+        return userService.findAllUsers();
+    }
+
+    // 회원 삭제
+    @DeleteMapping("/user")
+    public Long delete(@RequestParam Long id) {
+        return userService.delete(id);
+    }
+
+    //Todo: Logout
+
+    //Todo: find password
+}

spring/notinote/src/main/java/com/answer/notinote/User/domain/entity/Timestamped.java

@@ -0,0 +1,23 @@
+package com.answer.notinote.User.domain.entity;
+
+import lombok.Getter;
+import org.springframework.data.annotation.CreatedDate;
+import org.springframework.data.annotation.LastModifiedDate;
+import org.springframework.data.jpa.domain.support.AuditingEntityListener;
+
+import javax.persistence.EntityListeners;
+import javax.persistence.MappedSuperclass;
+import java.time.LocalDateTime;
+
+@Getter
+@MappedSuperclass
+@EntityListeners(AuditingEntityListener.class)
+abstract class Timestamped {
+
+    @CreatedDate
+    private LocalDateTime created_at;
+
+    @LastModifiedDate
+    private LocalDateTime modified_at;
+
+}

spring/notinote/src/main/java/com/answer/notinote/User/domain/entity/User.java

@@ -0,0 +1,65 @@
+package com.answer.notinote.User.domain.entity;
+
+import com.answer.notinote.auth.data.ProviderType;
+import com.answer.notinote.auth.data.RoleType;
+import com.answer.notinote.User.dto.UserRequestDto;
+import lombok.*;
+
+import javax.persistence.*;
+
+@Entity
+@Getter @Setter
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class User extends Timestamped {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Column
+    private Long uid;
+
+    @Column(length = 20)
+    private String ufirstname;
+
+    @Column(length = 20)
+    private String ulastname;
+
+    @Column(nullable = false, length = 50, unique = true)
+    private String uemail;
+
+    @Column(length = 20)
+    private String ulanguage;
+
+    @Enumerated(EnumType.STRING)
+    @Column(nullable = false, length = 20)
+    private ProviderType uproviderType;
+
+    @Enumerated(EnumType.STRING)
+    @Column(nullable = false, length = 20)
+    private RoleType uroleType;
+
+    public User(UserRequestDto requestDto) {
+        this.ufirstname = requestDto.getFirstname();
+        this.ulastname = requestDto.getLastname();
+        this.uemail = requestDto.getEmail();
+    }
+
+    public User(com.answer.notinote.auth.data.dto.UserRequestDto requestDto) {
+        this.uemail = requestDto.getEmail();
+        this.ufirstname = requestDto.getFirstname();
+        this.ulastname = requestDto.getLastname();
+        this.uproviderType = requestDto.getProviderType();
+        this.uroleType = requestDto.getRoleType();
+    }
+
+    public String getFullname() {
+        return this.ufirstname + " " + this.ulastname;
+    }
+
+    public void update(UserRequestDto requestDto) {
+        this.ufirstname = requestDto.getFirstname();
+        this.ulastname = requestDto.getLastname();
+        this.uemail = requestDto.getEmail();
+    }
+}