next-step · developowl · Dec 24, 2024 · Dec 29, 2024 · Dec 29, 2024 · Dec 29, 2024
diff --git a/build.gradle b/build.gradle
@@ -15,7 +15,7 @@ repositories {
 dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
-    implementation 'org.springframework.boot:spring-boot-starter-jdbc'
+    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 
     implementation 'dev.akkinoc.spring.boot:logback-access-spring-boot-starter:4.0.0'
 

diff --git a/src/main/java/auth/AdminAccessInterceptor.java b/src/main/java/auth/AdminAccessInterceptor.java
@@ -0,0 +1,47 @@
+package auth;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import roomescape.exception.AuthorizationException;
+
+import java.util.Arrays;
+
+@Component
+public class AdminAccessInterceptor implements HandlerInterceptor {
+    private final JwtAuthManager jwtAuthManager;
+
+    public AdminAccessInterceptor(JwtAuthManager jwtAuthManager) {
+        this.jwtAuthManager = jwtAuthManager;
+    }
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        String token = extractTokenFromCookies(request.getCookies());
+        jwtAuthManager.validateToken(token);
+
+        String role = jwtAuthManager.getRole(token);
+
+        if (!"ADMIN".equals(role)) {
+            response.setStatus(401);
+            response.getWriter().write("권한이 없습니다.");
+            return false;
+        }
+
+        return true;
+    }
+
+    private String extractTokenFromCookies(Cookie[] cookies) {
+        if (cookies == null) {
+            throw new AuthorizationException("쿠키가 존재하지 않습니다.");
+        }
+
+        return Arrays.stream(cookies)
+                .filter(cookie -> "token".equals(cookie.getName()))
+                .findFirst()
+                .map(Cookie::getValue)
+                .orElseThrow(() -> new AuthorizationException("토큰 쿠키가 없습니다."));
+    }
+}
diff --git a/src/main/java/auth/JwtAuthManager.java b/src/main/java/auth/JwtAuthManager.java
@@ -0,0 +1,94 @@
+package auth;
+
+import io.jsonwebtoken.*;
+import org.springframework.beans.factory.annotation.Value;
+import roomescape.domain.member.Member;
+import roomescape.domain.member.MemberRepository;
+import roomescape.exception.AuthorizationException;
+
+import java.util.Date;
+
+public class JwtAuthManager {
+
+    @Value("${roomescape.auth.jwt.secret}")
+    private String secretKey;
+
+    @Value("${roomescape.auth.jwt.expire-length}")
+    private long validityInMilliseconds;
+
+    private final MemberRepository memberRepository;
+
+    public JwtAuthManager(MemberRepository memberRepository) {
+        this.memberRepository = memberRepository;
+    }
+
+    public String createToken(String email, String password) {
+        Member member = memberRepository.findByEmailAndPassword(email, password)
+                .orElseThrow(() -> new AuthorizationException("유효한 이메일이 아닙니다."));
+
+        Long memberId = member.getId();
+        String role = member.getRole();
+
+        Claims claims = Jwts.claims().setSubject(String.valueOf(memberId));
+        claims.put("role", role);
+
+        Date now = new Date();
+        Date validity = new Date(now.getTime() + validityInMilliseconds);
+
+        return Jwts.builder()
+                .setClaims(claims)
+                .setIssuedAt(now)
+                .setExpiration(validity)
+                .signWith(SignatureAlgorithm.HS256, secretKey)
+                .compact();
+    }
+
+    public Long getId(String token) {
+        JwtParser parser = Jwts.parserBuilder()
+                .setSigningKey(secretKey)
+                .build();
+
+        Claims claims = parser.parseClaimsJws(token).getBody();
+        return Long.parseLong(claims.getSubject());
+    }
+
+    public String getRole(String token) {
+        JwtParser parser = Jwts.parserBuilder()
+                .setSigningKey(secretKey)
+                .build();
+
+        Claims claims = parser.parseClaimsJws(token).getBody();
+        return claims.get("role", String.class);
+    }
+
+    public void validateToken(String token) {
+        try {
+            Jws<Claims> claims = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);
+
+            if (claims.getBody().getExpiration().before(new Date())) {
+
+                throw new IllegalArgumentException("토큰이 만료되었습니다.");
+            }
+        } catch (JwtException | IllegalArgumentException e) {
+            throw new IllegalArgumentException("유효하지 않은 토큰입니다.", e);
+        }
+    }
+
+//    public String getName(String token) {
+//        JwtParser parser = Jwts.parserBuilder()
+//                .setSigningKey(secretKey)
+//                .build();
+//
+//        Claims claims = parser.parseClaimsJws(token).getBody();
+//        return claims.get("name", String.class);
+//    }
+//
+//    public String getEmail(String token) {
+//        JwtParser parser = Jwts.parserBuilder()
+//                .setSigningKey(secretKey)
+//                .build();
+//
+//        Claims claims = parser.parseClaimsJws(token).getBody();
+//        return claims.get("email", String.class);
+//    }
+}
diff --git a/src/main/java/auth/LoginMemberArgumentResolver.java b/src/main/java/auth/LoginMemberArgumentResolver.java
@@ -0,0 +1,67 @@
+package auth;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.core.MethodParameter;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+import roomescape.domain.member.MemberRepository;
+import roomescape.exception.AuthorizationException;
+import roomescape.domain.member.Member;
+
+import java.util.Arrays;
+
+public class LoginMemberArgumentResolver implements HandlerMethodArgumentResolver {
+    private final JwtAuthManager jwtAuthManager;
+    private final MemberRepository memberRepository;
+
+    public LoginMemberArgumentResolver(JwtAuthManager jwtAuthManager, MemberRepository memberRepository) {
+        this.jwtAuthManager = jwtAuthManager;
+        this.memberRepository = memberRepository;
+    }
+
+    @Override
+    public boolean supportsParameter(MethodParameter parameter) {
+        return parameter.getParameterType().equals(Member.class);
+    }
+
+    @Override
+    public Object resolveArgument(MethodParameter parameter,
+                                  ModelAndViewContainer mavContainer,
+                                  NativeWebRequest webRequest,
+                                  WebDataBinderFactory binderFactory) throws Exception {
+        HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
+
+        String token = extractTokenFromCookies(request.getCookies());
+        jwtAuthManager.validateToken(token);
+
+        Long id = jwtAuthManager.getId(token);
+
+        Member member = memberRepository.findById(id)
+                .orElseThrow(() -> new AuthorizationException("Member not found"));
+
+        String name = member.getName();
+
+        String email = member.getEmail();
+
+        String password = member.getPassword();
+
+        String role = jwtAuthManager.getRole(token);
+
+        return new Member(id, name, email, password, role);
+    }
+
+    private String extractTokenFromCookies(Cookie[] cookies) {
+        if (cookies == null) {
+            throw new AuthorizationException("쿠키가 존재하지 않습니다.");
+        }
+
+        return Arrays.stream(cookies)
+                .filter(cookie -> "token".equals(cookie.getName()))
+                .findFirst()
+                .map(Cookie::getValue)
+                .orElseThrow(() -> new AuthorizationException("토큰 쿠키가 없습니다."));
+    }
+}
diff --git a/src/main/java/roomescape/DataLoader.java b/src/main/java/roomescape/DataLoader.java
@@ -0,0 +1,28 @@
+package roomescape;
+
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+import roomescape.domain.member.Member;
+import roomescape.domain.member.MemberRepository;
+
+@Profile("default") // 배포 환경 -> "prod", 로컬 환경 -> "default"
+@Component
+public class DataLoader implements CommandLineRunner {
+    private final MemberRepository memberRepository;
+
+    public DataLoader(MemberRepository memberRepository) {
+        this.memberRepository = memberRepository;
+    }
+
+    @Override
+    public void run(String... args) throws Exception {
+        if (memberRepository.count() == 0) {
+            Member admin = new Member("어드민", "[email protected]", "password", "ADMIN");
+            Member brown = new Member("브라운", "[email protected]", "password", "USER");
+            memberRepository.save(admin);
+            memberRepository.save(brown);
+            System.out.println("초기 사용자 정보가 등록되었습니다.");
+        }
+    }
+}
diff --git a/src/main/java/roomescape/TestDataLoader.java b/src/main/java/roomescape/TestDataLoader.java
@@ -0,0 +1,57 @@
+package roomescape;
+
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+import roomescape.domain.member.Member;
+import roomescape.domain.member.MemberRepository;
+import roomescape.domain.theme.Theme;
+import roomescape.domain.theme.ThemeRepository;
+import roomescape.domain.time.Time;
+import roomescape.domain.time.TimeRepository;
+import roomescape.domain.reservation.Reservation;
+import roomescape.domain.reservation.ReservationRepository;
+
+@Profile("test")
+@Component
+public class TestDataLoader implements CommandLineRunner {
+    private final MemberRepository memberRepository;
+    private final ThemeRepository themeRepository;
+    private final TimeRepository timeRepository;
+    private final ReservationRepository reservationRepository;
+
+    public TestDataLoader(MemberRepository memberRepository, ThemeRepository themeRepository,
+                          TimeRepository timeRepository, ReservationRepository reservationRepository) {
+        this.memberRepository = memberRepository;
+        this.themeRepository = themeRepository;
+        this.timeRepository = timeRepository;
+        this.reservationRepository = reservationRepository;
+    }
+
+    @Override
+    @Transactional
+    public void run(String... args) throws Exception {
+        Member admin = new Member("어드민", "[email protected]", "password", "ADMIN");
+        Member brown = new Member("브라운", "[email protected]", "password", "USER");
+        memberRepository.save(admin);
+        memberRepository.save(brown);
+
+        Theme theme1 = new Theme("테마1", "테마1입니다.");
+        Theme theme2 = new Theme("테마2", "테마2입니다.");
+        themeRepository.save(theme1);
+        themeRepository.save(theme2);
+
+        Time time1 = new Time("10:00");
+        Time time2 = new Time("12:00");
+        timeRepository.save(time1);
+        timeRepository.save(time2);
+
+        Reservation reservation1 = new Reservation("어드민", "2024-03-01", time1, theme1, admin);
+        Reservation reservation2 = new Reservation("브라운", "2024-03-01", time2, theme2, brown);
+        reservationRepository.save(reservation1);
+        reservationRepository.save(reservation2);
+
+        System.out.println("테스트 데이터가 초기화되었습니다.");
+    }
+}
diff --git a/src/main/java/roomescape/authentication/AuthorizationExtractor.java b/src/main/java/roomescape/authentication/AuthorizationExtractor.java
@@ -0,0 +1,9 @@
+package roomescape.authentication;
+
+import jakarta.servlet.http.HttpServletRequest;
+
+public interface AuthorizationExtractor<T> {
+    String AUTHORIZATION = "Authorization";
+
+    T extract(HttpServletRequest request);
+}
diff --git a/src/main/java/roomescape/authentication/BearerAuthorizationExtractor.java b/src/main/java/roomescape/authentication/BearerAuthorizationExtractor.java
@@ -0,0 +1,28 @@
+package roomescape.authentication;
+
+import jakarta.servlet.http.HttpServletRequest;
+
+import java.util.Enumeration;
+
+public class BearerAuthorizationExtractor implements AuthorizationExtractor<String> {
+    private static final String BEARER_TYPE = "Bearer";
+    private static final String ACCESS_TOKEN_TYPE = BearerAuthorizationExtractor.class.getSimpleName() + ".ACCESS_TOKEN_TYPE";
+
+    @Override
+    public String extract(HttpServletRequest request) {
+        Enumeration<String> headers = request.getHeaders(AUTHORIZATION);
+        while (headers.hasMoreElements()) {
+            String value = headers.nextElement();
+            if ((value.toLowerCase().startsWith(BEARER_TYPE.toLowerCase()))) {
+                String authHeaderValue = value.substring(BEARER_TYPE.length()).trim();
+                request.setAttribute(ACCESS_TOKEN_TYPE, value.substring(0, BEARER_TYPE.length()).trim());
+                int commaIndex = authHeaderValue.indexOf(',');
+                if (commaIndex > 0) {
+                    authHeaderValue = authHeaderValue.substring(0, commaIndex);
+                }
+                return authHeaderValue;
+            }
+        }
+        return null;
+    }
+}
diff --git a/src/main/java/roomescape/config/JwtAuthConfig.java b/src/main/java/roomescape/config/JwtAuthConfig.java
@@ -0,0 +1,22 @@
+package roomescape.config;
+
+import auth.JwtAuthManager;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import roomescape.domain.member.MemberRepository;
+
+@Configuration
+@ComponentScan(basePackages = {"roomescape", "auth"})
+public class JwtAuthConfig {
+    private final MemberRepository memberRepository;
+
+    public JwtAuthConfig(MemberRepository memberRepository) {
+        this.memberRepository = memberRepository;
+    }
+
+    @Bean
+    public JwtAuthManager jwtAuthManager() {
+        return new JwtAuthManager(memberRepository);
+    }
+}