YAPP-Github · sectionr0 · Jul 17, 2024 · Jul 13, 2024 · Jul 13, 2024 · Jul 13, 2024
diff --git a/.gitmodules b/.gitmodules
@@ -1,3 +1,3 @@
-[submodule "app/src/main/resources/backend-submodule"]
-	path = app/src/main/resources/backend-submodule
-	url = https://github.com/yapp-wespot/backend-submodule.git
+[submodule "app/src/main/resources/config"]
+	path = app/src/main/resources/config
+	url = https://github.com/yapp-wespot/config.git
diff --git a/app/build.gradle.kts b/app/build.gradle.kts
@@ -9,6 +9,15 @@ dependencies {
     implementation(project(":domain"))
     implementation(project(":core"))
     implementation(project(":infrastructure:mysql"))
+    implementation(project(":infrastructure:redis"))
+
+
+    // https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-api
+    testImplementation("io.jsonwebtoken:jjwt-api:0.11.2")
+    testImplementation("io.jsonwebtoken:jjwt-impl:0.11.2")
+    testImplementation("io.jsonwebtoken:jjwt-jackson:0.11.2")
 
     testImplementation("io.rest-assured:rest-assured")
+
+
 }
diff --git a/app/src/main/kotlin/com/wespot/auth/AuthController.kt b/app/src/main/kotlin/com/wespot/auth/AuthController.kt
@@ -0,0 +1,71 @@
+package com.wespot.auth
+
+import com.wespot.auth.dto.request.AuthLoginRequest
+import com.wespot.auth.dto.request.RefreshTokenRequest
+import com.wespot.auth.dto.request.SignUpRequest
+import com.wespot.auth.dto.response.SignUpResponse
+import com.wespot.auth.dto.response.TokenResponse
+import com.wespot.auth.service.AuthService
+import org.springframework.http.HttpStatus
+import org.springframework.http.ResponseEntity
+import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
+
+@RestController
+@RequestMapping("/api/v1/auth")
+class AuthController(
+    private val authService: AuthService
+) {
+
+    @PostMapping("/login")
+    fun signIn(
+        @RequestBody request: AuthLoginRequest
+    ): Any {
+
+        val response = authService.socialAccess(request)
+
+        return if (response is SignUpResponse) {
+            ResponseEntity.status(HttpStatus.ACCEPTED).body(response)
+        } else {
+            ResponseEntity.ok()
+                .body(response)
+        }
+
+    }
+
+    @PostMapping("/signup")
+    fun signUp(
+        @RequestBody request: SignUpRequest
+    ): ResponseEntity<TokenResponse> {
+
+        val signUp = authService.signUp(request)
+
+        return ResponseEntity.ok()
+            .body(signUp)
+
+    }
+
+    @PostMapping("/reissue")
+    fun reissue(
+        @RequestBody request: RefreshTokenRequest
+    ): ResponseEntity<TokenResponse> {
+
+        val response = authService.reIssueToken(request)
+
+        return ResponseEntity.ok()
+            .body(response)
+
+    }
+
+    @PostMapping("/revoke")
+    fun revoke(): ResponseEntity<Unit> {
+
+        authService.revoke()
+
+        return ResponseEntity.noContent().build()
+
+    }
+
+}
diff --git a/app/src/main/kotlin/com/wespot/config/security/CustomUrlFilter.kt b/app/src/main/kotlin/com/wespot/config/security/CustomUrlFilter.kt
@@ -0,0 +1,76 @@
+package com.wespot.config.security
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import jakarta.servlet.FilterChain
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.springframework.http.HttpStatus
+import org.springframework.http.MediaType
+import org.springframework.http.ProblemDetail
+import org.springframework.stereotype.Component
+import org.springframework.util.AntPathMatcher
+import org.springframework.web.filter.OncePerRequestFilter
+import java.net.URI
+import kotlin.text.Charsets.UTF_8
+
+@Component
+class CustomUrlFilter(
+    private val objectMapper: ObjectMapper
+) : OncePerRequestFilter() {
+
+    private val antPathMatcher = AntPathMatcher()
+
+    private val validUrlPatterns = listOf(
+        "/health",
+        "/",
+        "/api/v1/auth/reissue",
+        "/api/v1/auth/login",
+        "/api/v1/auth/signup",
+        "/api/v1/auth/revoke",
+    )
+
+    override fun doFilterInternal(
+        request: HttpServletRequest,
+        response: HttpServletResponse,
+        filterChain: FilterChain
+    ) {
+
+        if (!isValidUrl(request)) {
+            handleInvalidUrl(request, response)
+            return
+        }
+        filterChain.doFilter(request, response)
+
+    }
+
+    private fun isValidUrl(request: HttpServletRequest): Boolean {
+
+        val requestUri = request.requestURI
+
+        return validUrlPatterns.any { antPathMatcher.match(it, requestUri) }
+
+    }
+
+    private fun handleInvalidUrl(
+        request: HttpServletRequest,
+        response: HttpServletResponse
+    ) {
+
+        response.contentType = MediaType.APPLICATION_JSON_VALUE
+        response.characterEncoding = UTF_8.name()
+        response.status = HttpStatus.NOT_FOUND.value()
+
+        val body = objectMapper.writeValueAsString(
+            ProblemDetail.forStatusAndDetail(
+                HttpStatus.NOT_FOUND,
+                NoSuchFieldException("잘못된 URL입니다.").message!!,
+            ).apply {
+                type = URI.create("/errors/not-found")
+                instance = URI.create(request.requestURI)
+            }
+        )
+
+        response.writer.write(body)
+
+    }
+}
diff --git a/app/src/main/kotlin/com/wespot/config/security/JwtAccessDeniedHandler.kt b/app/src/main/kotlin/com/wespot/config/security/JwtAccessDeniedHandler.kt
@@ -0,0 +1,42 @@
+package com.wespot.config.security
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.springframework.http.HttpStatus
+import org.springframework.http.MediaType
+import org.springframework.http.ProblemDetail
+import org.springframework.security.access.AccessDeniedException
+import org.springframework.security.web.access.AccessDeniedHandler
+import org.springframework.stereotype.Component
+import java.net.URI
+import kotlin.text.Charsets.UTF_8
+
+@Component
+class JwtAccessDeniedHandler(
+    private val objectMapper: ObjectMapper
+) : AccessDeniedHandler {
+    override fun handle(
+        request: HttpServletRequest,
+        response: HttpServletResponse,
+        exception: AccessDeniedException
+    ) {
+
+        response.contentType = MediaType.APPLICATION_JSON_VALUE
+        response.characterEncoding = UTF_8.name()
+        response.status = HttpStatus.FORBIDDEN.value()
+
+        val body = objectMapper.writeValueAsString(
+            ProblemDetail.forStatusAndDetail(
+                HttpStatus.UNAUTHORIZED,
+                AccessDeniedException("자신의 것만 가능합니다").message!!,
+            ).apply {
+                type = URI.create("/errors/forbidden")
+                instance = URI.create(request.requestURI)
+            }
+        )
+        response.writer.write(body)
+
+    }
+
+}
diff --git a/app/src/main/kotlin/com/wespot/config/security/JwtAuthenticationEntryPoint.kt b/app/src/main/kotlin/com/wespot/config/security/JwtAuthenticationEntryPoint.kt
@@ -0,0 +1,43 @@
+package com.wespot.config.security
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.springframework.http.HttpStatus
+import org.springframework.http.MediaType
+import org.springframework.http.ProblemDetail
+import org.springframework.security.authentication.BadCredentialsException
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.web.AuthenticationEntryPoint
+import org.springframework.stereotype.Component
+import java.net.URI
+import kotlin.text.Charsets.UTF_8
+
+@Component
+class JwtAuthenticationEntryPoint(
+    private val objectMapper: ObjectMapper
+) : AuthenticationEntryPoint {
+    override fun commence(
+        request: HttpServletRequest,
+        response: HttpServletResponse,
+        authException: AuthenticationException?
+    ) {
+
+        response.contentType = MediaType.APPLICATION_JSON_VALUE
+        response.characterEncoding = UTF_8.name()
+        response.status = HttpStatus.UNAUTHORIZED.value()
+
+        val body = objectMapper.writeValueAsString(
+            ProblemDetail.forStatusAndDetail(
+                HttpStatus.UNAUTHORIZED,
+                BadCredentialsException("").message!!,
+            ).apply {
+                type = URI.create("/errors/unauthenticated")
+                instance = URI.create(request.requestURI)
+            }
+        )
+        response.writer.write(body)
+
+    }
+}
+
diff --git a/app/src/main/kotlin/com/wespot/config/security/JwtAuthenticationFilter.kt b/app/src/main/kotlin/com/wespot/config/security/JwtAuthenticationFilter.kt
@@ -0,0 +1,52 @@
+package com.wespot.config.security
+
+import com.wespot.auth.JwtTokenInfo
+import com.wespot.auth.port.`in`.AuthenticationUseCase
+import jakarta.servlet.FilterChain
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.springframework.security.authentication.BadCredentialsException
+import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.stereotype.Component
+import org.springframework.util.StringUtils
+import org.springframework.web.filter.OncePerRequestFilter
+
+@Component
+class JwtAuthenticationFilter(
+    private val authenticationUseCase: AuthenticationUseCase,
+    private val jwtAuthenticationEntryPoint: JwtAuthenticationEntryPoint,
+) : OncePerRequestFilter() {
+
+    override fun doFilterInternal(
+        request: HttpServletRequest,
+        response: HttpServletResponse,
+        filterChain: FilterChain
+    ) {
+        val token = extractToken(request)
+        if (token != null && StringUtils.hasText(token)) {
+            try {
+                authenticateUserByToken(token)
+            } catch (e: BadCredentialsException) {
+                jwtAuthenticationEntryPoint.commence(request, response, authException = null)
+                return
+            }
+        }
+        filterChain.doFilter(request, response)
+    }
+
+    private fun authenticateUserByToken(token: String) {
+        try {
+            val authentication = authenticationUseCase.getAuthentication(token)
+            SecurityContextHolder.getContext().authentication = authentication
+        } catch (e: BadCredentialsException) {
+            SecurityContextHolder.clearContext()
+        }
+    }
+
+    private fun extractToken(request: HttpServletRequest): String? {
+        val bearerToken = request.getHeader(JwtTokenInfo.AUTHORIZATION_HEADER)
+        return if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(JwtTokenInfo.BEARER_TYPE)) {
+            bearerToken.substring(JwtTokenInfo.BEARER_TYPE.length).trim()
+        } else null
+    }
+}