conflict fix 3

Author: developowl

src/main/java/roomescape/UI/TokenLoginController.java

@@ -0,0 +1,45 @@
+package roomescape.UI;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+import roomescape.application.AuthService;
+import roomescape.dto.TokenRequest;
+import roomescape.dto.TokenResponse;
+import roomescape.member.LoginMember;
+import roomescape.member.MemberResponse;
+
+@RestController
+public class TokenLoginController {
+    private final AuthService authService;
+
+    public TokenLoginController(AuthService authService) {
+        this.authService = authService;
+    }
+
+    @PostMapping("/login")
+    public ResponseEntity<TokenResponse> tokenLogin(@RequestBody TokenRequest tokenRequest, HttpServletResponse response){
+        TokenResponse tokenResponse = authService.createToken(tokenRequest);
+
+        Cookie cookie = new Cookie("token", tokenResponse.getAccessToken());
+        cookie.setHttpOnly(true);
+        cookie.setPath("/");
+        response.addCookie(cookie);
+
+        return ResponseEntity.ok().body(tokenResponse);
+    }
+
+    @GetMapping("/login/check")
+    public ResponseEntity<MemberResponse> checkLogin(LoginMember loginMember) {
+        MemberResponse memberResponse = new MemberResponse(
+                loginMember.getId(),
+                loginMember.getName(),
+                loginMember.getEmail()
+        );
+        return ResponseEntity.ok(memberResponse);
+    }
+}

src/main/java/roomescape/application/AuthService.java

@@ -0,0 +1,58 @@
+package roomescape.application;
+
+import org.springframework.stereotype.Service;
+import roomescape.dto.TokenRequest;
+import roomescape.dto.TokenResponse;
+import roomescape.infrastructure.JwtTokenProvider;
+import roomescape.member.LoginMember;
+import roomescape.member.Member;
+import roomescape.member.MemberDao;
+
+import static org.springframework.http.HttpStatus.*;
+
+@Service
+public class AuthService {
+    private final JwtTokenProvider jwtTokenProvider;
+    private final MemberDao memberDao;
+
+    public AuthService(JwtTokenProvider jwtTokenProvider, MemberDao memberDao) {
+        this.jwtTokenProvider = jwtTokenProvider;
+        this.memberDao = memberDao;
+    }
+
+    public LoginMember findLoginMemberByEmail(String email) {
+        Member member = memberDao.findByEmail(email);
+        if (member == null) {
+            throw new AuthorizationException("사용자를 찾을 수 없습니다.", NOT_FOUND);
+        }
+        return new LoginMember(member.getId(), member.getName(), member.getEmail(), member.getRole());
+    }
+
+    public String getEmailFromToken(String token) {
+        return jwtTokenProvider.getPayload(token);
+    }
+
+    public TokenResponse createToken(TokenRequest tokenRequest) {
+        if (checkInvalidLogin(tokenRequest.getEmail(), tokenRequest.getPassword())) {
+            throw new AuthorizationException("유효한 로그인 정보가 아닙니다.", BAD_REQUEST);
+        }
+        String accessToken = jwtTokenProvider.createToken(tokenRequest.getEmail());
+        return new TokenResponse(accessToken);
+    }
+
+    public boolean checkInvalidLogin(String email, String password) {
+        Member member = memberDao.findByEmailAndPassword(email, password);
+        if (member == null) {
+            throw new AuthorizationException("이메일 또는 비밀번호가 잘못되었습니다.", UNAUTHORIZED);
+        }
+        return false;
+    }
+
+    public boolean verifyToken(String token) {
+        try {
+            return jwtTokenProvider.validateToken(token);
+        } catch (Exception e) {
+            return false;
+        }
+    }
+}

src/main/java/roomescape/application/AuthorizationException.java

@@ -0,0 +1,18 @@
+package roomescape.application;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus
+public class AuthorizationException extends RuntimeException {
+    private final HttpStatus httpStatus;
+
+    public AuthorizationException(String message, HttpStatus httpStatus) {
+        super(message);
+        this.httpStatus = httpStatus;
+    }
+
+    public HttpStatus getHttpStatus() {
+        return httpStatus;
+    }
+}

src/main/java/roomescape/application/GlobalExceptionHandler.java

@@ -0,0 +1,16 @@
+package roomescape.application;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+@RestControllerAdvice
+public class GlobalExceptionHandler {
+
+    @ExceptionHandler(AuthorizationException.class)
+    public ResponseEntity<String> handleAuthorizationException(AuthorizationException ex) {
+        return ResponseEntity
+                .status(ex.getHttpStatus())
+                .body("Unauthorized: " + ex.getMessage());
+    }
+}

src/main/java/roomescape/authentication/AdminAccessInterceptor.java

@@ -0,0 +1,53 @@
+package roomescape.authentication;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import roomescape.exception.AuthorizationException;
+import roomescape.domain.member.Member;
+
+import java.util.Arrays;
+
+@Component
+public class AdminAccessInterceptor implements HandlerInterceptor {
+    private final AuthService authService;
+
+    public AdminAccessInterceptor(AuthService authService) {
+        this.authService = authService;
+    }
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        String token = extractTokenFromCookies(request.getCookies());
+
+        String email = authService.getEmailFromToken(token);
+        Member member = authService.findLoginMemberByEmail(email);
+
+        if (member == null) {
+            response.setStatus(401);
+            return false;
+        }
+
+        if (!"ADMIN".equals(member.getRole())) {
+            response.setStatus(401);
+            response.getWriter().write("권한이 없습니다.");
+            return false;
+        }
+
+        return true;
+    }
+
+    private String extractTokenFromCookies(Cookie[] cookies) {
+        if (cookies == null) {
+            throw new AuthorizationException("쿠키가 존재하지 않습니다.");
+        }
+
+        return Arrays.stream(cookies)
+                .filter(cookie -> "token".equals(cookie.getName()))
+                .findFirst()
+                .map(Cookie::getValue)
+                .orElseThrow(() -> new AuthorizationException("토큰 쿠키가 없습니다."));
+    }
+}

src/main/java/roomescape/authentication/AuthService.java

@@ -0,0 +1,44 @@
+package roomescape.authentication;
+
+import org.springframework.stereotype.Service;
+import roomescape.domain.token.TokenRequest;
+import roomescape.domain.token.TokenResponse;
+import roomescape.exception.AuthorizationException;
+import roomescape.domain.member.Member;
+import roomescape.domain.member.MemberRepository;
+
+@Service
+public class AuthService {
+    private final JwtTokenProvider jwtTokenProvider;
+    private final MemberRepository memberRepository;
+
+    public AuthService(JwtTokenProvider jwtTokenProvider, MemberRepository memberRepository) {
+        this.jwtTokenProvider = jwtTokenProvider;
+        this.memberRepository = memberRepository;
+    }
+
+    public Member findLoginMemberByEmail(String email) {
+        return memberRepository.findByEmail(email)
+                .orElseThrow(() -> new AuthorizationException("사용자를 찾을 수 없습니다."));
+    }
+
+    public String getEmailFromToken(String token) {
+        return jwtTokenProvider.getPayload(token);
+    }
+
+    public TokenResponse createToken(TokenRequest tokenRequest) {
+        checkInvalidLogin(tokenRequest.getEmail(), tokenRequest.getPassword());
+
+        String accessToken = jwtTokenProvider.createToken(tokenRequest.getEmail());
+        return new TokenResponse(accessToken);
+    }
+
+    public void checkInvalidLogin(String email, String password) {
+        Member member = memberRepository.findByEmailAndPassword(email, password)
+                .orElseThrow(() -> new AuthorizationException("이메일 또는 비밀번호가 잘못되었습니다."));
+    }
+
+    public void verifyToken(String token) {
+        jwtTokenProvider.validateToken(token);
+    }
+}

src/main/java/roomescape/authentication/JwtTokenProvider.java

@@ -0,0 +1,44 @@
+package roomescape.authentication;
+
+import io.jsonwebtoken.*;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import java.util.Date;
+
+@Component
+public class JwtTokenProvider {
+    @Value("${roomescape.auth.jwt.secret}")
+    private String secretKey;
+
+    @Value("${roomescape.auth.jwt.expire-length}")
+    private long validityInMilliseconds;
+
+    public String createToken(String payload) {
+        Claims claims = Jwts.claims().setSubject(payload);
+        Date now = new Date();
+        Date validity = new Date(now.getTime() + validityInMilliseconds);
+        return Jwts.builder()
+                .setClaims(claims)
+                .setIssuedAt(now)
+                .setExpiration(validity)
+                .signWith(SignatureAlgorithm.HS256, secretKey)
+                .compact();
+    }
+
+    public String getPayload(String token) {
+        return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody().getSubject();
+    }
+
+    public void validateToken(String token) {
+        try {
+            Jws<Claims> claims = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);
+            if (claims.getBody().getExpiration().before(new Date())) {
+                throw new IllegalArgumentException("토큰이 만료되었습니다.");
+            }
+        } catch (JwtException | IllegalArgumentException e) {
+            throw new IllegalArgumentException("유효하지 않은 토큰 입니다.", e);
+        }
+    }
+
+}

src/main/java/roomescape/authentication/LoginMemberArgumentResolver.java

@@ -0,0 +1,56 @@
+package roomescape.authentication;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.core.MethodParameter;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+import roomescape.exception.AuthorizationException;
+import roomescape.domain.member.Member;
+
+import java.util.Arrays;
+
+@Component
+public class LoginMemberArgumentResolver implements HandlerMethodArgumentResolver {
+    private final AuthService authService;
+
+    public LoginMemberArgumentResolver(AuthService authService) {
+        this.authService = authService;
+    }
+
+    @Override
+    public boolean supportsParameter(MethodParameter parameter) {
+        return parameter.getParameterType().equals(Member.class);
+    }
+
+    @Override
+    public Object resolveArgument(MethodParameter parameter,
+                                  ModelAndViewContainer mavContainer,
+                                  NativeWebRequest webRequest,
+                                  WebDataBinderFactory binderFactory) throws Exception {
+        HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
+
+        String token = extractTokenFromCookies(request.getCookies());
+
+        authService.verifyToken(token);
+
+        String email = authService.getEmailFromToken(token);
+
+        return authService.findLoginMemberByEmail(email);
+    }
+
+    private String extractTokenFromCookies(Cookie[] cookies) {
+        if (cookies == null) {
+            throw new AuthorizationException("쿠키가 존재하지 않습니다.");
+        }
+
+        return Arrays.stream(cookies)
+                .filter(cookie -> "token".equals(cookie.getName()))
+                .findFirst()
+                .map(Cookie::getValue)
+                .orElseThrow(() -> new AuthorizationException("토큰 쿠키가 없습니다."));
+    }
+}

src/main/java/roomescape/config/WebConfig.java

@@ -0,0 +1,32 @@
+package roomescape.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import roomescape.application.AuthService;
+import roomescape.security.AdminAccessInterceptor;
+import roomescape.web.LoginMemberArgumentResolver;
+
+import java.util.List;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+    private final AuthService authService;
+
+    public WebConfig(AuthService authService) {
+        this.authService = authService;
+    }
+
+    @Override
+    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
+        resolvers.add(new LoginMemberArgumentResolver(authService));
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(new AdminAccessInterceptor(authService))
+                .addPathPatterns("/admin/**")
+                .excludePathPatterns("/login");
+    }
+}