From f2310c5353b45974beaed0988a515e3c676ac027 Mon Sep 17 00:00:00 2001
From: cyLee1111
Date: Wed, 20 Nov 2024 23:42:16 +0900
Subject: [PATCH] feat: add UserController (/profile, /admin), addInterceptors
---
 .../kuit4serverauth/config/WebConfig.java | 4 +++-
 .../controller/UserController.java | 22 +++++++++++++++++--
 .../kuit/kuit4serverauth/service/JwtUtil.java | 5 ++++-
 3 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java b/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java
index a0b47b4..61fc2d6 100644
--- a/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java
+++ b/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java
@@ -15,6 +15,8 @@ public WebConfig(AuthInterceptor authInterceptor) {
 @Override
 public void addInterceptors(InterceptorRegistry registry) {
- // TODO /profile, /admin 앞에 붙이기
+ registry.addInterceptor(authInterceptor)
+ .addPathPatterns("/profile", "/admin")
+ .excludePathPatterns("/login");
 }
 }
diff --git a/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java b/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java
index 18cb7af..e477d34 100644
--- a/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java
+++ b/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java
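Review bot: In WebConfig.addInterceptors the interceptor is attached by listing the protected paths, so any handler added later is unauthenticated unless someone remembers to extend `.addPathPatterns("/profile", "/admin")`. Both entries are exact patterns, so a future sub-path under `/admin` would not be covered either. A deny-by-default registration is easier to keep correct: `.addPathPatterns("/**")` together with `.excludePathPatterns("/login")`, assuming /login is the only public endpoint (confirm against the other controllers). As written, the exclude has no effect because `/login` never matches the include list.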
@@ -1,23 +1,41 @@
 package com.kuit.kuit4serverauth.controller;
+import com.kuit.kuit4serverauth.repository.UserRepository;
+import com.kuit.kuit4serverauth.service.JwtUtil;
+import io.jsonwebtoken.Claims;
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;
+import java.util.Objects;
+
 @RestController
 public class UserController {
+ private final UserRepository userRepository;
+ private final JwtUtil jwtUtil;
+
+ public UserController(UserRepository userRepository, JwtUtil jwtUtil) {
+ this.userRepository = userRepository;
+ this.jwtUtil = jwtUtil;
+ }
 @GetMapping("/profile")
 public ResponseEntity getProfile(HttpServletRequest request) {
- // TODO : 로그인 한 사용자면 username 이용해 "Hello, {username}" 반환하기
+ String username = (String) request.getAttribute("username"); // 인터셉터에서 저장한 username
+ if (username != null) {
+ return ResponseEntity.ok("Hello, " + username);
+ }
 return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized");
 }
 @GetMapping("/admin")
 public ResponseEntity getAdmin(HttpServletRequest request) {
- // TODO: role이 admin이면 "Hello, admin" 반환하기
+ String role = (String) request.getAttribute("role");
+ if (Objects.equals(role, "ROLE_ADMIN")) {
+ return ResponseEntity.ok("Hello, admin");
+ }
 return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Forbidden");
 }
 }
diff --git a/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java b/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java
index ead240e..0ccef80 100644
--- a/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java
+++ b/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java
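Review bot: UserController now takes `UserRepository` and `JwtUtil` in its constructor and imports `Claims`, but neither handler in this hunk uses them; both decisions read only request attributes. Dropping the two fields, the constructor and the unused import keeps token handling out of the controller. The keys `"username"` and `"role"` and the literal `"ROLE_ADMIN"` are a contract with AuthInterceptor, which is not part of this patch, so shared constants would keep the two sides from drifting apart. A mismatch fails closed (401/403), but an attribute stored as a non-String would presumably turn the `(String)` cast into a 500. A comment on getAdmin such as `// role is set by AuthInterceptor from the verified token; missing or other role => 403` would document that dependency.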
@@ -5,13 +5,16 @@
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
 import org.springframework.stereotype.Component;
+import java.security.Key;
 import java.util.Date;
 @Component
 public class JwtUtil {
- private final String secret = "mysecretkey";
+ // private final String secret = "mysecretkey";
+ private final Key secret = Keys.secretKeyFor(SignatureAlgorithm.HS256);
 private final long expirationMs = 3600000; // 1 hour
 public String generateToken(String username, String role) {
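Review bot: `Keys.secretKeyFor(SignatureAlgorithm.HS256)` in the field initialiser creates a fresh random key every time JwtUtil is constructed, so every issued token stops verifying after a restart. With more than one application instance, a token signed by one instance is also rejected by the others. Loading a Base64-encoded secret of at least 256 bits from externalised configuration and building the key with `Keys.hmacShaKeyFor(Decoders.BASE64.decode(configuredSecret))` keeps the key out of the source while making it stable. The commented-out `"mysecretkey"` line should be deleted rather than kept, and that value treated as disclosed because it remains in the repository history. The class body continues past the end of this hunk, so the code that signs and parses with `secret` is not visible here.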