Merge branch 'BE/userinfo' into 'backend'
Be/userinfo See merge request s11-webmobile1-sub2/S11P12A701!31
commit
41a04df278
@ -4,6 +4,8 @@ import com.edufocus.edufocus.user.model.entity.InfoDto;
|
|||||||
import com.edufocus.edufocus.user.model.entity.PasswordDto;
|
import com.edufocus.edufocus.user.model.entity.PasswordDto;
|
||||||
import com.edufocus.edufocus.user.model.entity.User;
|
import com.edufocus.edufocus.user.model.entity.User;
|
||||||
import com.edufocus.edufocus.user.model.exception.ExpriedTokenException;
|
import com.edufocus.edufocus.user.model.exception.ExpriedTokenException;
|
||||||
|
import com.edufocus.edufocus.user.model.exception.InvalidTokenException;
|
||||||
|
import com.edufocus.edufocus.user.model.exception.RefreshTokenExpiredException;
|
||||||
import com.edufocus.edufocus.user.model.exception.UnAuthorizedException;
|
import com.edufocus.edufocus.user.model.exception.UnAuthorizedException;
|
||||||
import com.edufocus.edufocus.user.model.service.UserService;
|
import com.edufocus.edufocus.user.model.service.UserService;
|
||||||
import com.edufocus.edufocus.user.util.JWTUtil;
|
import com.edufocus.edufocus.user.util.JWTUtil;
|
||||||
@ -122,35 +124,6 @@ public class UserController {
|
|||||||
return new ResponseEntity<>(resultMap, status);
|
return new ResponseEntity<>(resultMap, status);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Operation(summary = "회원인증", description = "회원 정보를 담은 Token 을 반환한다.")
|
|
||||||
@GetMapping("/auth/{userId}")
|
|
||||||
public ResponseEntity<Map<String, Object>> getInfo(
|
|
||||||
@PathVariable("userId") @Parameter(description = "인증할 회원의 아이디.", required = true) Long userId,
|
|
||||||
HttpServletRequest request) {
|
|
||||||
String id = String.valueOf(userId);
|
|
||||||
|
|
||||||
|
|
||||||
Map<String, Object> resultMap = new HashMap<>();
|
|
||||||
HttpStatus status = HttpStatus.ACCEPTED;
|
|
||||||
if (jwtUtil.checkToken(request.getHeader("Authorization"))) {
|
|
||||||
log.info("사용 가능한 토큰!!!");
|
|
||||||
try {
|
|
||||||
User member = userService.userInfo(userId);
|
|
||||||
resultMap.put("userInfo", member);
|
|
||||||
status = HttpStatus.OK;
|
|
||||||
} catch (Exception e) {
|
|
||||||
log.error("정보조회 실패 : {}", e);
|
|
||||||
resultMap.put("message", e.getMessage());
|
|
||||||
status = HttpStatus.INTERNAL_SERVER_ERROR;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
System.out.println(jwtUtil.checkToken(request.getHeader("Authorization")));
|
|
||||||
log.error("사용 불가능 토큰!!!");
|
|
||||||
resultMap.put("message", "Unauthorized token");
|
|
||||||
status = HttpStatus.UNAUTHORIZED;
|
|
||||||
}
|
|
||||||
return new ResponseEntity<Map<String, Object>>(resultMap, status);
|
|
||||||
}
|
|
||||||
|
|
||||||
@PostMapping("/logout")
|
@PostMapping("/logout")
|
||||||
public ResponseEntity<?> removeToken(HttpServletRequest request) {
|
public ResponseEntity<?> removeToken(HttpServletRequest request) {
|
||||||
@ -166,7 +139,7 @@ public class UserController {
|
|||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
log.error("로그아웃 실패 : {}", e);
|
log.error("로그아웃 실패 : {}", e);
|
||||||
resultMap.put("message", e.getMessage());
|
resultMap.put("message", e.getMessage());
|
||||||
status = HttpStatus.INTERNAL_SERVER_ERROR;
|
status = HttpStatus.UNAUTHORIZED;
|
||||||
}
|
}
|
||||||
return new ResponseEntity<Map<String, Object>>(resultMap, status);
|
return new ResponseEntity<Map<String, Object>>(resultMap, status);
|
||||||
}
|
}
|
||||||
@ -175,14 +148,8 @@ public class UserController {
|
|||||||
@PostMapping("/refresh")
|
@PostMapping("/refresh")
|
||||||
public ResponseEntity<?> refreshToken(HttpServletRequest request,HttpServletResponse response)
|
public ResponseEntity<?> refreshToken(HttpServletRequest request,HttpServletResponse response)
|
||||||
throws Exception {
|
throws Exception {
|
||||||
|
|
||||||
|
|
||||||
Map<String, Object> resultMap = new HashMap<>();
|
|
||||||
HttpStatus status = HttpStatus.ACCEPTED;
|
|
||||||
|
|
||||||
Cookie[] cookies = request.getCookies();
|
Cookie[] cookies = request.getCookies();
|
||||||
String token = null;
|
String token = null;
|
||||||
|
|
||||||
if (cookies != null) {
|
if (cookies != null) {
|
||||||
for (Cookie cookie : cookies) {
|
for (Cookie cookie : cookies) {
|
||||||
if (cookie.getName().equals("refresh-token")) {
|
if (cookie.getName().equals("refresh-token")) {
|
||||||
@ -191,41 +158,36 @@ public class UserController {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
try{
|
||||||
|
jwtUtil.checkToken(token);
|
||||||
|
}catch (Exception e){
|
||||||
|
throw new InvalidTokenException();
|
||||||
|
}
|
||||||
|
|
||||||
Long userId = Long.parseLong(jwtUtil.getUserId(token));
|
Long userId = Long.parseLong(jwtUtil.getUserId(token));
|
||||||
|
|
||||||
if (jwtUtil.checkToken(token)) {
|
if (!token.equals(userService.getRefreshToken(userId))) {
|
||||||
|
throw new InvalidTokenException();
|
||||||
|
|
||||||
if (token.equals(userService.getRefreshToken(userId))) {
|
|
||||||
|
|
||||||
String accessToken = jwtUtil.createAccessToken(String.valueOf(userId));
|
|
||||||
String refreshToken = jwtUtil.createRefreshToken(String.valueOf(userId));
|
|
||||||
|
|
||||||
log.debug("token : {}", accessToken);
|
|
||||||
log.debug("정상적으로 access token 재발급!!!");
|
|
||||||
resultMap.put("access-token", accessToken);
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
userService.saveRefreshToken(userId,refreshToken);
|
|
||||||
|
|
||||||
Cookie refreshCookie = new Cookie("refresh-token", refreshToken);
|
|
||||||
refreshCookie.setPath("/");
|
|
||||||
refreshCookie.setHttpOnly(true);
|
|
||||||
refreshCookie.setSecure(true); // HTTPS에서만 전송되도록 설정
|
|
||||||
// refreshCookie.setSameSite(Cookie.SameSite.NONE); // Cross-Origin 요청에 대해 모두 전송
|
|
||||||
|
|
||||||
response.addCookie(refreshCookie);
|
|
||||||
System.out.println("바뀐 리프레쉬랑 지금꺼 비교 "+ refreshToken.equals(token));
|
|
||||||
resultMap.put("access-token", accessToken);
|
|
||||||
status = HttpStatus.CREATED;
|
|
||||||
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
log.debug("refresh token 도 사용 불가!!!!!!!");
|
|
||||||
status = HttpStatus.UNAUTHORIZED;
|
|
||||||
}
|
}
|
||||||
return new ResponseEntity<Map<String, Object>>(resultMap, status);
|
|
||||||
|
|
||||||
|
String accessToken = jwtUtil.createAccessToken(String.valueOf(userId));
|
||||||
|
String refreshToken = jwtUtil.createRefreshToken(String.valueOf(userId));
|
||||||
|
|
||||||
|
|
||||||
|
Map<String, Object> resultMap = new HashMap<>();
|
||||||
|
resultMap.put("access-token", accessToken);
|
||||||
|
|
||||||
|
userService.saveRefreshToken(userId,refreshToken);
|
||||||
|
|
||||||
|
Cookie refreshCookie = new Cookie("refresh-token", refreshToken);
|
||||||
|
refreshCookie.setPath("/");
|
||||||
|
refreshCookie.setHttpOnly(true);
|
||||||
|
refreshCookie.setSecure(true);
|
||||||
|
response.addCookie(refreshCookie);
|
||||||
|
|
||||||
|
return new ResponseEntity<Map<String, Object>>(resultMap, HttpStatus.CREATED);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Operation(summary = "회원 정보 조회", description = "토큰을 이용하여 회원 정보를 조회한다.")
|
@Operation(summary = "회원 정보 조회", description = "토큰을 이용하여 회원 정보를 조회한다.")
|
||||||
|
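Review bot: In the refreshToken hunk (@ -191,41 +158,36) the new `catch (Exception e){ throw new InvalidTokenException(); }` around `jwtUtil.checkToken(token)` turns every failure, including the ExpriedTokenException that checkToken is meant to raise for an expired refresh token, into InvalidTokenException, so an expired refresh token is answered as a bad request rather than as the expiry case this commit introduces; RefreshTokenExpiredException is imported at the top of the file but never thrown. Since checkToken already throws InvalidTokenException for malformed input, the catch only needs to translate the expired case: `} catch (ExpriedTokenException e) {` / `throw new RefreshTokenExpiredException();`. The same collapsing happens when no `refresh-token` cookie is present, where `token` stays null and the rejection comes out of the parser rather than from a deliberate check; an explicit `if (token == null) throw new InvalidTokenException();` before checkToken would make that case intentional. The logout hunk (@ -166,7 +139,7) now maps any exception in the logout path to UNAUTHORIZED, which hides genuine server errors behind a 401. refreshToken's signature is in the preceding hunk (@ -175,14 +148,8), so the method starts outside this one.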
@ -24,17 +24,11 @@ public class JWTInterceptor implements HandlerInterceptor {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler){
|
||||||
throws Exception {
|
|
||||||
final String token = request.getHeader(HEADER_AUTH);
|
final String token = request.getHeader(HEADER_AUTH);
|
||||||
|
|
||||||
if (token != null && jwtUtil.checkToken(token)) {
|
jwtUtil.checkToken(token);
|
||||||
log.info("토큰 사용 가능 : {}", token);
|
|
||||||
return true;
|
|
||||||
} else {
|
|
||||||
log.info("토큰 사용 불가능 : {}", token);
|
|
||||||
throw new UnAuthorizedException();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
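Review bot: preHandle drops the `token != null` guard, so a request without an Authorization header now reaches `jwtUtil.checkToken(null)` and is rejected only because the parser presumably throws on a null argument, which checkToken's generic catch rewrites as InvalidTokenException; the missing-header case is no longer distinguished from a tampered token, and UnAuthorizedException, still imported in this file, is thrown nowhere in the new hunk. Keep the explicit check ahead of the parse: `if (token == null) { throw new UnAuthorizedException(); }` followed by `jwtUtil.checkToken(token);`. The boolean checkToken returns is ignored here, which is only correct as long as checkToken never returns false; a comment such as `// checkToken throws on any invalid or expired token; reaching the next line means the token was accepted` would make that contract visible. Dropping the old log line that wrote the raw token at info level is a good change, but an outcome log without the token value would still help when tracing rejected requests.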
@ -9,17 +9,14 @@ import org.springframework.web.bind.annotation.ExceptionHandler;
|
|||||||
public class GlobalExceptionHandler {
|
public class GlobalExceptionHandler {
|
||||||
|
|
||||||
@ExceptionHandler(InvalidTokenException.class)
|
@ExceptionHandler(InvalidTokenException.class)
|
||||||
public ResponseEntity<String> handleUnAuthorizedException(InvalidTokenException e) {
|
public ResponseEntity<String> handleInvalidTokenException(InvalidTokenException e) {
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
return new ResponseEntity<>(e.getMessage(), HttpStatus.BAD_REQUEST);
|
return new ResponseEntity<>(e.getMessage(), HttpStatus.BAD_REQUEST);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//
|
||||||
@ExceptionHandler(ExpriedTokenException.class)
|
@ExceptionHandler(ExpriedTokenException.class)
|
||||||
public ResponseEntity<String> handleInvalidTokenException(ExpriedTokenException e) {
|
public ResponseEntity<String> handleExpiredTokenException(ExpriedTokenException e) {
|
||||||
|
|
||||||
return new ResponseEntity<>(e.getMessage(), HttpStatus.UNAUTHORIZED);
|
return new ResponseEntity<>(e.getMessage(), HttpStatus.UNAUTHORIZED);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
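Review bot: The handler class still maps only InvalidTokenException and ExpriedTokenException; RefreshTokenExpiredException, added in this commit, has no @ExceptionHandler here, so if a controller throws it the response presumably falls through to Spring's default error handling instead of the 401 the other token exceptions receive. The stray empty `//` line added above the ExpriedTokenException handler is leftover and should be deleted. A handler for the new exception keeps the refresh-expiry case consistent with the expired-access-token case (the import of RefreshTokenExpiredException would have to be added to this file's import block, which is outside the hunk).
```java
@ExceptionHandler(RefreshTokenExpiredException.class)
public ResponseEntity<String> handleRefreshTokenExpiredException(RefreshTokenExpiredException e) {
    return new ResponseEntity<>(e.getMessage(), HttpStatus.UNAUTHORIZED);
}
// … unchanged: InvalidTokenException and ExpriedTokenException handlers …
```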
@ -0,0 +1,9 @@
|
|||||||
|
package com.edufocus.edufocus.user.model.exception;
|
||||||
|
|
||||||
|
public class RefreshTokenExpiredException extends RuntimeException {
|
||||||
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
|
public RefreshTokenExpiredException() {
|
||||||
|
super("REFRESH TOKEN 만료\n다시 로그인을 하세요.");
|
||||||
|
}
|
||||||
|
}
|
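Review bot: The new class carries no Javadoc, and its constructor bakes a two-line Korean user prompt with an embedded `\n` into the exception message, which, following the pattern used for the other token exceptions in GlobalExceptionHandler, would be sent verbatim as the response body. A class comment such as `/** Thrown when the refresh token presented to the refresh endpoint is expired; the client has to log in again. */` would document the contract, and a second constructor `public RefreshTokenExpiredException(String message, Throwable cause) { super(message, cause); }` would let callers keep the originating parser exception as the cause instead of dropping it. The explicit `serialVersionUID` on an exception that is never serialized is harmless but adds nothing.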
@ -6,6 +6,7 @@ import java.util.Map;
|
|||||||
|
|
||||||
import com.edufocus.edufocus.user.model.exception.ExpriedTokenException;
|
import com.edufocus.edufocus.user.model.exception.ExpriedTokenException;
|
||||||
import com.edufocus.edufocus.user.model.exception.InvalidTokenException;
|
import com.edufocus.edufocus.user.model.exception.InvalidTokenException;
|
||||||
|
import com.edufocus.edufocus.user.model.exception.RefreshTokenExpiredException;
|
||||||
import com.edufocus.edufocus.user.model.exception.UnAuthorizedException;
|
import com.edufocus.edufocus.user.model.exception.UnAuthorizedException;
|
||||||
import io.jsonwebtoken.*;
|
import io.jsonwebtoken.*;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
@ -54,30 +55,21 @@ public class JWTUtil {
|
|||||||
|
|
||||||
public boolean checkToken(String token) {
|
public boolean checkToken(String token) {
|
||||||
try {
|
try {
|
||||||
Jws<Claims> claims = Jwts.parserBuilder()
|
Jws<Claims> claims = Jwts.parserBuilder()
|
||||||
.setSigningKey(generateKey())
|
.setSigningKey(generateKey())
|
||||||
.build()
|
.build()
|
||||||
.parseClaimsJws(token);
|
.parseClaimsJws(token);
|
||||||
log.debug("claims: {}", claims);
|
log.debug("claims: {}", claims);
|
||||||
return true;
|
return true;
|
||||||
} catch (MalformedJwtException | UnsupportedJwtException | IllegalArgumentException | SignatureException e) {
|
}
|
||||||
log.error("Token validation error: {}", e.getMessage());
|
catch (ExpriedTokenException e) {
|
||||||
|
throw new ExpriedTokenException();
|
||||||
return false;
|
}catch (Exception e){
|
||||||
}
|
|
||||||
catch ( ExpiredJwtException e)
|
|
||||||
{
|
|
||||||
throw new ExpriedTokenException();
|
|
||||||
|
|
||||||
}
|
|
||||||
catch (Exception e) {
|
|
||||||
System.out.println(token);
|
|
||||||
System.out.println(e.getMessage());
|
|
||||||
log.error("Unexpected error while validating token: {}", e.getMessage());
|
|
||||||
throw new InvalidTokenException();
|
throw new InvalidTokenException();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public String getUserId(String authorization) {
|
public String getUserId(String authorization) {
|
||||||
try {
|
try {
|
||||||
Jws<Claims> claims = Jwts.parserBuilder()
|
Jws<Claims> claims = Jwts.parserBuilder()
|
||||||
|
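Review bot: The new checkToken catches the project's own ExpriedTokenException, but nothing inside the try throws it; the parser signals expiry with jjwt's ExpiredJwtException, which the removed code caught correctly, so an expired token now falls into the generic `catch (Exception e)` and surfaces as InvalidTokenException while the ExpriedTokenException branch is dead code. The first catch should read `} catch (ExpiredJwtException e) {`, which is already in scope through `io.jsonwebtoken.*`. The generic catch also drops the cause and the log line the old code had, so a malformed or badly signed token no longer leaves any record; keep a `log.warn("Token validation failed: {}", e.getMessage());` before the throw, or pass `e` as the cause if InvalidTokenException gains a constructor for it. With both branches throwing, the method never returns false, so any caller that branches on the boolean has a dead else path; either make the return type void or document that returning at all means the token is valid.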
@ -108,18 +108,21 @@ public class Controller {
|
|||||||
Random random = new Random();
|
Random random = new Random();
|
||||||
|
|
||||||
System.out.println();
|
System.out.println();
|
||||||
int randomNumber = 100 + random.nextInt(9000);
|
int randomNumber = 10000 + random.nextInt(80000);
|
||||||
|
|
||||||
String randStr = String.valueOf(randomNumber);
|
String randStr = String.valueOf(randomNumber);
|
||||||
|
|
||||||
|
String roomName = lecture.getTitle();
|
||||||
|
String participantName = userService.getUserName(userId);
|
||||||
|
System.out.println(participantName);
|
||||||
|
|
||||||
|
AccessToken token = new AccessToken(LIVEKIT_API_KEY, LIVEKIT_API_SECRET);
|
||||||
|
|
||||||
|
|
||||||
if(findUser.getRole()==UserRole.ADMIN ){//&& lecture.isOnline() ) {
|
if(findUser.getRole()==UserRole.ADMIN ){//&& lecture.isOnline() ) {
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
String roomName = lecture.getTitle();
|
|
||||||
String participantName = userService.getUserName(userId);
|
|
||||||
AccessToken token = new AccessToken(LIVEKIT_API_KEY, LIVEKIT_API_SECRET);
|
|
||||||
IdentityData identityData = new IdentityData(participantName, "강사");
|
IdentityData identityData = new IdentityData(participantName, "강사");
|
||||||
String jsonIdentity = serializeIdentityData(identityData);
|
String jsonIdentity = serializeIdentityData(identityData);
|
||||||
|
|
||||||
@ -141,13 +144,7 @@ public class Controller {
|
|||||||
{
|
{
|
||||||
|
|
||||||
|
|
||||||
String roomName = lecture.getTitle();
|
IdentityData identityData = new IdentityData(participantName, "학생");
|
||||||
String participantName = userService.getUserName(userId);
|
|
||||||
System.out.println(participantName);
|
|
||||||
|
|
||||||
AccessToken token = new AccessToken(LIVEKIT_API_KEY, LIVEKIT_API_SECRET);
|
|
||||||
|
|
||||||
IdentityData identityData = new IdentityData(participantName, "강사");
|
|
||||||
String jsonIdentity = serializeIdentityData(identityData);
|
String jsonIdentity = serializeIdentityData(identityData);
|
||||||
|
|
||||||
|
|
||||||
|
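Review bot: The hoisted block in the first hunk (@ -108,18 +108,21) adds `System.out.println(participantName);` next to the existing bare `System.out.println();`, writing a user's display name to stdout on every token request; drop both or use the class's logger at debug level. `randStr` is now drawn from `10000 + random.nextInt(80000)` on a `java.util.Random`, but what it is used for is outside the hunk; if it ends up in a room or participant identifier that is expected to be unguessable, `java.util.Random` is predictable and `SecureRandom` is the right source, and if it is only a display suffix a one-line comment stating that would settle the question. Moving `roomName`, `participantName` and `token` above the `if` is a good deduplication, as the second hunk (@ -141,13 +144,7) shows the else branch now reusing them.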
@ -16,10 +16,12 @@ livekit.api.secret=${LIVEKIT_API_SECRET:secret}
|
|||||||
jwt.salt=${SALT}
|
jwt.salt=${SALT}
|
||||||
|
|
||||||
# Access Token ?? ?? (??? ??)
|
# Access Token ?? ?? (??? ??)
|
||||||
jwt.access-token.expiretime=3600000
|
#jwt.access-token.expiretime=3600000
|
||||||
|
jwt.access-token.expiretime=3000
|
||||||
|
|
||||||
# Refresh Token ?? ?? (??? ??)
|
# Refresh Token ?? ?? (??? ??)
|
||||||
jwt.refresh-token.expiretime=86400000
|
jwt.refresh-token.expiretime=50400000
|
||||||
|
#jwt.refresh-token.expiretime=4000
|
||||||
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
|
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
|
||||||
spring.datasource.url=${DATA_SOURCE_URL}
|
spring.datasource.url=${DATA_SOURCE_URL}
|
||||||
spring.datasource.username=${USER_NAME}
|
spring.datasource.username=${USER_NAME}
|
||||||
|
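Review bot: `jwt.access-token.expiretime` goes from 3600000 to 3000 with the old value left behind as `#jwt.access-token.expiretime=3600000`, and `#jwt.refresh-token.expiretime=4000` is added as another commented-out alternative; if the unit is milliseconds, as the previous one-hour value suggests, an access token now expires three seconds after issue, which reads like a local test setting committed by mistake rather than the intended policy. Restore the production lifetime, or move the short value to a profile-specific properties file, and delete the commented-out alternatives so the file states one value per key. The refresh-token change from 86400000 to 50400000 looks deliberate but deserves a comment saying why 14 hours was chosen.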