UMC-EWHA#32 [Week9] jwt 설정

build.gradle

@@ -31,6 +31,11 @@ dependencies {
     runtimeOnly 'com.h2database:h2'
     annotationProcessor 'org.projectlombok:lombok'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
+    // jwt
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+    implementation 'io.jsonwebtoken:jjwt-impl:0.11.5'
+    implementation 'io.jsonwebtoken:jjwt-jackson:0.11.5'
 }
 
 tasks.named('test') {

src/main/java/com/umc/umcserver/domain/auth/controller/AuthController.java

@@ -0,0 +1,36 @@
+package com.umc.umcserver.domain.auth.controller;
+
+import com.umc.umcserver.domain.auth.dto.LoginRequestDto;
+import com.umc.umcserver.domain.auth.dto.LoginResponseDto;
+import com.umc.umcserver.domain.auth.service.AuthService;
+import com.umc.umcserver.global.dto.DtoMetaData;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RequiredArgsConstructor
+@RequestMapping("/auth")
+@RestController
+public class AuthController {
+    private final AuthService authService;
+
+    // 로그인
+    @PostMapping("/login")
+    public ResponseEntity<LoginResponseDto> login(@RequestBody LoginRequestDto requestDto) {
+        DtoMetaData dtoMetaData;
+
+        try {
+            String token = authService.login(requestDto);
+            dtoMetaData = new DtoMetaData("로그인 성공");
+            return ResponseEntity.ok(new LoginResponseDto(dtoMetaData, token));
+        } catch (Exception e) {
+            dtoMetaData = new DtoMetaData(e.getMessage(), e.getClass().getName());
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new LoginResponseDto(dtoMetaData));
+        }
+    }
+
+}

src/main/java/com/umc/umcserver/domain/auth/dto/LoginRequestDto.java

@@ -0,0 +1,15 @@
+package com.umc.umcserver.domain.auth.dto;
+
+import lombok.Data;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+
+@Data
+public class LoginRequestDto {
+
+    private String email;
+    private String password;
+
+    public UsernamePasswordAuthenticationToken toAuthentication() {
+        return new UsernamePasswordAuthenticationToken(email, password);
+    }
+}

src/main/java/com/umc/umcserver/domain/auth/dto/LoginResponseDto.java

@@ -0,0 +1,21 @@
+package com.umc.umcserver.domain.auth.dto;
+
+import com.umc.umcserver.global.dto.DtoMetaData;
+import lombok.Data;
+
+@Data
+public class LoginResponseDto {
+
+    private DtoMetaData dtoMetaData;
+    private String token;
+
+    public LoginResponseDto(DtoMetaData dtoMetaData, String token) {
+        this.dtoMetaData = dtoMetaData;
+        this.token = token;
+    }
+
+    public LoginResponseDto(DtoMetaData dtoMetaData) {
+        this.dtoMetaData = dtoMetaData;
+        this.token = null;
+    }
+}

src/main/java/com/umc/umcserver/domain/auth/repository/Account.java

@@ -0,0 +1,32 @@
+package com.umc.umcserver.domain.auth.repository;
+
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.Id;
+
+@Getter
+@NoArgsConstructor
+@Entity
+public class Account {
+    @Id
+    @GeneratedValue
+    private Long id;
+
+    @Column
+    private String email;
+
+    @Column
+    private String password;
+
+    @Builder
+    public Account(Long id, String email, String password) {
+        this.id = id;
+        this.email = email;
+        this.password = password;
+    }
+}

src/main/java/com/umc/umcserver/domain/auth/service/AuthService.java

@@ -0,0 +1,34 @@
+package com.umc.umcserver.domain.auth.service;
+
+import com.umc.umcserver.domain.auth.dto.LoginRequestDto;
+import com.umc.umcserver.global.jwt.JwtTokenProvider;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@RequiredArgsConstructor
+@Service
+public class AuthService {
+    private final AuthenticationManagerBuilder authenticationManagerBuilder;
+    private final JwtTokenProvider tokenProvider;
+
+    @Transactional
+    public String login(LoginRequestDto requestDto) {
+        // Login ID/PW 를 기반으로 AuthenticationToken 생성
+        UsernamePasswordAuthenticationToken authenticationToken = requestDto.toAuthentication();
+
+        // AuthenticationToken (유저 정보: 비밀번호) 검증
+        // authenticate 메서드가 실행이 될 때 CustomUserDetailsService 에서 만들었던 loadUserByUsername 메서드가 실행됨
+        Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
+
+        // 인증 정보를 기반으로 JWT 토큰 생성
+        String token = tokenProvider.generateToken(authentication);
+
+        // 토큰 발급
+        return token;
+    }
+
+}

src/main/java/com/umc/umcserver/controller/BoardController.java → src/main/java/com/umc/umcserver/domain/board/controller/BoardController.java

@@ -1,7 +1,7 @@
-package com.umc.umcserver.controller;
+package com.umc.umcserver.domain.board.controller;
 
-import com.umc.umcserver.dto.*;
-import com.umc.umcserver.service.BoardService;
+import com.umc.umcserver.domain.board.dto.*;
+import com.umc.umcserver.domain.board.service.BoardService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;

src/main/java/com/umc/umcserver/controller/TestController.java → src/main/java/com/umc/umcserver/domain/board/controller/TestController.java

@@ -1,4 +1,4 @@
-package com.umc.umcserver.controller;
+package com.umc.umcserver.domain.board.controller;
 
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;

src/main/java/com/umc/umcserver/dto/CreatePostsReqDto.java → src/main/java/com/umc/umcserver/domain/board/dto/CreatePostsReqDto.java

@@ -1,6 +1,6 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
-import com.umc.umcserver.repository.Board;
+import com.umc.umcserver.domain.board.repository.Board;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 

src/main/java/com/umc/umcserver/dto/CreatePostsResDto.java → src/main/java/com/umc/umcserver/domain/board/dto/CreatePostsResDto.java

@@ -1,4 +1,4 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
 import lombok.AllArgsConstructor;
 import lombok.Getter;

src/main/java/com/umc/umcserver/dto/DeletePostsReqDto.java → src/main/java/com/umc/umcserver/domain/board/dto/DeletePostsReqDto.java

@@ -1,4 +1,4 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;

src/main/java/com/umc/umcserver/dto/DeletePostsResDto.java → src/main/java/com/umc/umcserver/domain/board/dto/DeletePostsResDto.java

@@ -1,4 +1,4 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
 import lombok.Getter;
 

src/main/java/com/umc/umcserver/dto/FetchPostsReqDto.java → src/main/java/com/umc/umcserver/domain/board/dto/FetchPostsReqDto.java

@@ -1,4 +1,4 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
 import lombok.Getter;
 import lombok.NoArgsConstructor;

src/main/java/com/umc/umcserver/dto/FetchPostsResDto.java → src/main/java/com/umc/umcserver/domain/board/dto/FetchPostsResDto.java

@@ -1,12 +1,10 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
-import com.umc.umcserver.repository.Board;
+import com.umc.umcserver.domain.board.repository.Board;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 import org.springframework.data.domain.Pageable;
 
-import java.util.List;
-
 @Getter
 @AllArgsConstructor
 public class FetchPostsResDto {

src/main/java/com/umc/umcserver/dto/UpdatePostsReqDto.java → src/main/java/com/umc/umcserver/domain/board/dto/UpdatePostsReqDto.java

@@ -1,6 +1,6 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
-import com.umc.umcserver.repository.Board;
+import com.umc.umcserver.domain.board.repository.Board;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 

src/main/java/com/umc/umcserver/dto/UpdatePostsResDto.java → src/main/java/com/umc/umcserver/domain/board/dto/UpdatePostsResDto.java

@@ -1,6 +1,6 @@
-package com.umc.umcserver.dto;
+package com.umc.umcserver.domain.board.dto;
 
-import com.umc.umcserver.repository.Board;
+import com.umc.umcserver.domain.board.repository.Board;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 

src/main/java/com/umc/umcserver/repository/Board.java → src/main/java/com/umc/umcserver/domain/board/repository/Board.java

@@ -1,4 +1,4 @@
-package com.umc.umcserver.repository;
+package com.umc.umcserver.domain.board.repository;
 
 import lombok.Builder;
 import lombok.Getter;

src/main/java/com/umc/umcserver/repository/BoardRepository.java → src/main/java/com/umc/umcserver/domain/board/repository/BoardRepository.java

@@ -1,4 +1,4 @@
-package com.umc.umcserver.repository;
+package com.umc.umcserver.domain.board.repository;
 
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;

src/main/java/com/umc/umcserver/service/BoardService.java → src/main/java/com/umc/umcserver/domain/board/service/BoardService.java

@@ -1,8 +1,8 @@
-package com.umc.umcserver.service;
+package com.umc.umcserver.domain.board.service;
 
-import com.umc.umcserver.dto.*;
-import com.umc.umcserver.repository.Board;
-import com.umc.umcserver.repository.BoardRepository;
+import com.umc.umcserver.domain.board.dto.*;
+import com.umc.umcserver.domain.board.repository.Board;
+import com.umc.umcserver.domain.board.repository.BoardRepository;
 import lombok.RequiredArgsConstructor;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;

src/main/java/com/umc/umcserver/global/dto/DtoMetaData.java

@@ -0,0 +1,19 @@
+package com.umc.umcserver.global.dto;
+
+import lombok.Data;
+
+@Data
+public class DtoMetaData {
+    private String message;
+    private String exception;
+
+    public DtoMetaData(String message) {
+        this.message = message;
+        this.exception = null;
+    }
+
+    public DtoMetaData(String message, String exception) {
+        this.message = message;
+        this.exception = exception;
+    }
+}

src/main/java/com/umc/umcserver/global/jwt/JwtAccessDeniedHandler.java

@@ -0,0 +1,20 @@
+package com.umc.umcserver.global.jwt;
+
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class JwtAccessDeniedHandler implements AccessDeniedHandler {
+
+    @Override
+    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
+        // 유저 정보는 있지만 자원에 접근할 수 있는 권한이 없는 경우 403 에러 응답
+        response.sendError(HttpServletResponse.SC_FORBIDDEN);
+    }
+}

src/main/java/com/umc/umcserver/global/jwt/JwtAuthenticationEntryPoint.java

@@ -0,0 +1,20 @@
+package com.umc.umcserver.global.jwt;
+
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+    @Override
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
+        // 유요한 자격증명(유저 정보) 없이 접근하려 할 때 401 에러 응답
+        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+    }
+}

src/main/java/com/umc/umcserver/global/jwt/JwtCustomFilter.java

@@ -0,0 +1,48 @@
+package com.umc.umcserver.global.jwt;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.StringUtils;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@RequiredArgsConstructor
+public class JwtCustomFilter extends OncePerRequestFilter {
+
+    public static final String AUTHORIZATION_HEADER = "Authorization";
+    public static final String BEARER_PREFIX = "Bearer ";
+
+    private final JwtTokenProvider tokenProvider;
+
+    // 실제 필터링 로직: JWT 토큰의 인증 정보를 현재 쓰레드의 SecurityContext 에 저장
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        // Request Header 에서 토큰 꺼냄
+        String token = resolveToken(request);
+        // 토큰 유효성 검사
+        // 유요한 토큰이면 Authentication 을 가져와서 SecurityContext 에 저장
+        if(StringUtils.hasText(token) && tokenProvider.validateToken(token)) {
+            Authentication authentication = tokenProvider.getAuthentication(token);
+            SecurityContextHolder.getContext().setAuthentication(authentication);
+        }
+
+        filterChain.doFilter(request, response);
+    }
+
+    // Request Header 에서 토큰 꺼내기
+    private String resolveToken(HttpServletRequest request) {
+        String bearerToken = request.getHeader(AUTHORIZATION_HEADER);
+
+        if(StringUtils.hasText(bearerToken) && bearerToken.startsWith(BEARER_PREFIX)) {
+            return bearerToken.substring(7);
+        }
+
+        return null;
+    }
+}

src/main/java/com/umc/umcserver/global/jwt/JwtSecurityConfig.java

@@ -0,0 +1,20 @@
+package com.umc.umcserver.global.jwt;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.DefaultSecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@RequiredArgsConstructor
+public class JwtSecurityConfig extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
+
+    private final JwtTokenProvider jwtTokenProvider;
+
+    // TokenProvider 를 주입받은 JwtFilter 를 Security Filter 앞에 추가
+    @Override
+    public void configure(HttpSecurity http) {
+        JwtCustomFilter customJwtFilter = new JwtCustomFilter(jwtTokenProvider);
+        http.addFilterBefore(customJwtFilter, UsernamePasswordAuthenticationFilter.class);
+    }
+}