From aa10dac2ff91f5f97033b7a2adc11e3497b59e22 Mon Sep 17 00:00:00 2001 From: MoonMinHyuk1 Date: Thu, 23 Feb 2023 04:46:21 +0900 Subject: [PATCH 1/2] =?UTF-8?q?feat:=20=EB=8B=89=EB=84=A4=EC=9E=84=20&=20?= =?UTF-8?q?=EB=B9=84=EB=B0=80=EB=B2=88=ED=98=B8=20=EC=88=98=EC=A0=95=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../domain/user/controller/UserController.kt | 33 ++++++++++++++++--- .../jhouse_server/domain/user/entity/User.kt | 8 +++++ .../domain/user/service/UserService.kt | 6 +++- .../domain/user/service/UserServiceImpl.kt | 23 +++++++++++-- 4 files changed, 62 insertions(+), 8 deletions(-) diff --git a/src/main/kotlin/com/example/jhouse_server/domain/user/controller/UserController.kt b/src/main/kotlin/com/example/jhouse_server/domain/user/controller/UserController.kt index 902a061e..31e5abcd 100644 --- a/src/main/kotlin/com/example/jhouse_server/domain/user/controller/UserController.kt +++ b/src/main/kotlin/com/example/jhouse_server/domain/user/controller/UserController.kt @@ -1,6 +1,7 @@ package com.example.jhouse_server.domain.user.controller import com.example.jhouse_server.domain.user.* +import com.example.jhouse_server.domain.user.entity.Authority.USER import com.example.jhouse_server.domain.user.entity.User import com.example.jhouse_server.domain.user.service.UserService import com.example.jhouse_server.global.annotation.Auth 
@@ -16,21 +17,21 @@ class UserController( val userService: UserService ) { - @GetMapping("/email-check/{email}") + @GetMapping("/check/email/{email}") fun emailCheck( @PathVariable("email") email: String ): ApplicationResponse { return ApplicationResponse.ok(userService.checkEmail(email)) } - @GetMapping("/nick-name-check/{nick-name}") + @GetMapping("/check/nick-name/{nick-name}") fun nickNameCheck( @PathVariable("nick-name") nickName: String ): ApplicationResponse { return ApplicationResponse.ok(userService.checkNickName(nickName)) } - @PostMapping("/send-sms") + @PostMapping("/send/sms") fun sendSms( @RequestParam("phone_num") phoneNum: String ): ApplicationResponse { @@ -39,7 +40,7 @@ class UserController( return ApplicationResponse.ok() } - @PostMapping("/check-sms") + @PostMapping("/check/sms") fun checkSms( @RequestBody checkSmsReqDto: CheckSmsReqDto ): ApplicationResponse { @@ -74,7 +75,29 @@ class UserController( fun logout( @AuthUser user: User ): ApplicationResponse { - userService.logout(user) + userService.logout(user.email) + + return ApplicationResponse.ok() + } + + @Auth + @PutMapping("/update/nick-name/{nick-name}") + fun updateNickName( + @AuthUser user: User, + @PathVariable("nick-name") nickName: String + ): ApplicationResponse { + userService.updateNickName(user, nickName) + + return ApplicationResponse.ok() + } + + @Auth + @PutMapping("/update/password/{password}") + fun updatePassword( + @AuthUser user: User, + @PathVariable("password") password: String + ): ApplicationResponse { + userService.updatePassword(user, password) return ApplicationResponse.ok() } diff --git a/src/main/kotlin/com/example/jhouse_server/domain/user/entity/User.kt b/src/main/kotlin/com/example/jhouse_server/domain/user/entity/User.kt index 11f49ade..b3252aee 100644 --- a/src/main/kotlin/com/example/jhouse_server/domain/user/entity/User.kt +++ b/src/main/kotlin/com/example/jhouse_server/domain/user/entity/User.kt 
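Review bot: `updatePassword` receives the new password through the URL (`@PutMapping("/update/password/{password}")` with `@PathVariable("password")`), so the cleartext password ends up wherever request URLs are recorded, such as access logs, reverse proxies and tracing. Move it into the request body, e.g. `@PutMapping("/update/password")` with `@RequestBody req: UpdatePasswordReqDto` (the DTO name is a placeholder following `CheckSmsReqDto`). That DTO is also the natural place to require the current password, so that a stolen access token alone is not enough to take over the account. A path segment also cannot reliably carry characters like `/`, which would silently restrict the passwords users can choose.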
@@ -30,4 +30,12 @@ class User( fun update(phoneNum: String) { this.phoneNum = phoneNum } + + fun updateNickName(nickName: String) { + this.nickName = nickName + } + + fun updatePassword(password: String) { + this.password = password + } } \ No newline at end of file diff --git a/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserService.kt b/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserService.kt index 11400774..9b478bb0 100644 --- a/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserService.kt +++ b/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserService.kt @@ -24,5 +24,9 @@ interface UserService { fun reissue(tokenDto: TokenDto): TokenDto - fun logout(user: User) + fun logout(email: String) + + fun updateNickName(user: User, nickName: String) + + fun updatePassword(user: User, password: String) } \ No newline at end of file diff --git a/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserServiceImpl.kt b/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserServiceImpl.kt index e9aea4c3..72fa10b9 100644 --- a/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserServiceImpl.kt +++ b/src/main/kotlin/com/example/jhouse_server/domain/user/service/UserServiceImpl.kt 
@@ -106,8 +106,27 @@ class UserServiceImpl ( return updateTokenResponse } - override fun logout(user: User) { - redisUtil.deleteValues(user.email) + override fun logout(email: String) { + redisUtil.deleteValues(email) + } + + @Transactional + override fun updateNickName(user: User, nickName: String) { + if (userRepository.existsByNickName(nickName)) { + throw ApplicationException(EXIST_NICK_NAME) + } + + user.updateNickName(nickName) + } + + @Transactional + override fun updatePassword(user: User, password: String) { + val encodePassword = encodePassword(password) + if (user.password == encodePassword) { + throw ApplicationException(SAME_PASSWORD) + } + + user.updatePassword(encodePassword) } private fun createCode(): String { From 3c6d3e990561f25ab521405aedd4da09162ce661 Mon Sep 17 00:00:00 2001 From: MoonMinHyuk1 Date: Thu, 23 Feb 2023 04:47:16 +0900 Subject: [PATCH 2/2] =?UTF-8?q?feat:=20Auth=20=EC=96=B4=EB=85=B8=ED=85=8C?= =?UTF-8?q?=EC=9D=B4=EC=85=98=20=EA=B4=80=EB=A6=AC=EC=9E=90=20=EA=B8=B0?= =?UTF-8?q?=EB=8A=A5=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../jhouse_server/global/HealthCheckController.kt | 11 ++++++++++- .../example/jhouse_server/global/annotation/Auth.kt | 6 +++++- .../com/example/jhouse_server/global/aop/AuthAop.kt | 12 ++++++++++-- .../jhouse_server/global/exception/ErrorCode.kt | 4 +++- .../jhouse_server/global/jwt/TokenProvider.kt | 7 +++++++ 5 files changed, 35 insertions(+), 5 deletions(-) diff --git a/src/main/kotlin/com/example/jhouse_server/global/HealthCheckController.kt b/src/main/kotlin/com/example/jhouse_server/global/HealthCheckController.kt index 4a211533..f6ec268d 100644 --- a/src/main/kotlin/com/example/jhouse_server/global/HealthCheckController.kt +++ b/src/main/kotlin/com/example/jhouse_server/global/HealthCheckController.kt 
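Review bot: In `updatePassword`, the comparison `user.password == encodePassword` only detects a reused password if `encodePassword` is deterministic. Its body is outside this hunk, but with a salted encoder such as BCrypt two encodings of the same input never compare equal, so `SAME_PASSWORD` would never be thrown; if it is deterministic, the stored hashes are unsalted, which is the larger problem. Compare through the encoder's matcher instead, e.g. `if (passwordEncoder.matches(password, user.password)) throw ApplicationException(SAME_PASSWORD)`, where `passwordEncoder` is a placeholder for whatever this class already injects. After a successful change the existing session should be revoked as well, for instance with the same `redisUtil.deleteValues(user.email)` call that `logout` uses. In `updateNickName`, `existsByNickName` followed by the update is a check-then-act sequence, so uniqueness only holds under concurrent requests if the column also has a unique constraint.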
@@ -1,5 +1,8 @@ package com.example.jhouse_server.global +import com.example.jhouse_server.domain.user.entity.Authority +import com.example.jhouse_server.domain.user.entity.Authority.ADMIN +import com.example.jhouse_server.domain.user.entity.Authority.USER import com.example.jhouse_server.global.annotation.Auth import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.RequestMapping @@ -23,8 +26,14 @@ class HealthCheckController { } @Auth - @GetMapping("/api/auth/test") + @GetMapping("/api/auth/user") fun healthCheckV4() : String { return "못들어오지~?" } + + @Auth(ADMIN) + @GetMapping("/api/auth/admin") + fun healthCheckV5() : String { + return "관리자만 오시오" + } } \ No newline at end of file diff --git a/src/main/kotlin/com/example/jhouse_server/global/annotation/Auth.kt b/src/main/kotlin/com/example/jhouse_server/global/annotation/Auth.kt index 86be3e09..32f7be5c 100644 --- a/src/main/kotlin/com/example/jhouse_server/global/annotation/Auth.kt +++ b/src/main/kotlin/com/example/jhouse_server/global/annotation/Auth.kt @@ -1,5 +1,9 @@ package com.example.jhouse_server.global.annotation +import com.example.jhouse_server.domain.user.entity.Authority + @Target(AnnotationTarget.FUNCTION) @Retention(AnnotationRetention.RUNTIME) -annotation class Auth() +annotation class Auth( + val auth: Authority = Authority.USER +) diff --git a/src/main/kotlin/com/example/jhouse_server/global/aop/AuthAop.kt b/src/main/kotlin/com/example/jhouse_server/global/aop/AuthAop.kt index b15b3d22..10d134d3 100644 --- a/src/main/kotlin/com/example/jhouse_server/global/aop/AuthAop.kt +++ b/src/main/kotlin/com/example/jhouse_server/global/aop/AuthAop.kt 
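Review bot: The new `auth` parameter on `annotation class Auth` has no documentation, and what it means is only discoverable by reading `AuthAop`. I would add a KDoc such as `/** Requires a valid access token on the annotated handler; with [Authority.ADMIN] the token's authority claim is checked as well. Defaults to [Authority.USER]. */`. In the `HealthCheckController` hunks of the same patch, the added imports of `Authority` and `Authority.USER` do not appear to be used by the visible code.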
@@ -1,6 +1,10 @@ package com.example.jhouse_server.global.aop +import com.example.jhouse_server.domain.user.entity.Authority.ADMIN +import com.example.jhouse_server.domain.user.entity.Authority.USER +import com.example.jhouse_server.global.annotation.Auth import com.example.jhouse_server.global.exception.ApplicationException +import com.example.jhouse_server.global.exception.ErrorCode.DONT_HAVE_AUTHORITY import com.example.jhouse_server.global.exception.ErrorCode.DONT_VALIDATE_TOKEN import com.example.jhouse_server.global.jwt.TokenProvider import org.aspectj.lang.JoinPoint @@ -25,12 +29,16 @@ class AuthAop ( @Pointcut("@annotation(com.example.jhouse_server.global.annotation.Auth)") private fun enableAuth() {} - @Before("cut() && enableAuth()") - public fun before(joinPoint: JoinPoint) { + @Before("cut() && enableAuth() && @annotation(auth)") + public fun before(joinPoint: JoinPoint, auth: Auth) { val request = (RequestContextHolder.currentRequestAttributes() as ServletRequestAttributes).request val bearerToken: String = request.getHeader(AUTHORIZATION_HEADER) ?: throw ApplicationException(DONT_VALIDATE_TOKEN) val jwt: String = tokenProvider.resolveToken(bearerToken) ?: throw ApplicationException(DONT_VALIDATE_TOKEN) + if (auth.auth == ADMIN && tokenProvider.getAuthority(jwt) == USER) { + throw ApplicationException(DONT_HAVE_AUTHORITY) + } + tokenProvider.validateToken(jwt) } } \ No newline at end of file diff --git a/src/main/kotlin/com/example/jhouse_server/global/exception/ErrorCode.kt b/src/main/kotlin/com/example/jhouse_server/global/exception/ErrorCode.kt index 8f38006a..d16a4f25 100644 --- a/src/main/kotlin/com/example/jhouse_server/global/exception/ErrorCode.kt +++ b/src/main/kotlin/com/example/jhouse_server/global/exception/ErrorCode.kt 
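Review bot: The admin check in `before` is written as a deny-list, `auth.auth == ADMIN && tokenProvider.getAuthority(jwt) == USER`, so every authority value other than `USER` passes an `@Auth(ADMIN)` endpoint, including any value added to `Authority` later (only `USER` and `ADMIN` are visible in this patch). Require the role positively: `if (auth.auth == ADMIN && tokenProvider.getAuthority(jwt) != ADMIN) throw ApplicationException(DONT_HAVE_AUTHORITY)`. The check also runs before `tokenProvider.validateToken(jwt)`, so a malformed or expired token fails inside `getAuthority` with whatever the JWT parser throws instead of, presumably, the project's token error codes; calling `validateToken` first keeps the failure path uniform. Because the role is read from the token claim rather than from the user record, a demoted admin presumably keeps access until the token expires, which deserves a comment next to the check.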
@@ -20,6 +20,7 @@ enum class ErrorCode( NOT_SUPPORT_JWT_TOKEN(HttpStatus.BAD_REQUEST, "J0003", "지원되지 않는 JWT 토큰입니다."), WRONG_JWT_TOKEN(HttpStatus.BAD_REQUEST, "J0004", "JWT 토큰이 잘못되었습니다."), DONT_VALIDATE_TOKEN(HttpStatus.BAD_REQUEST, "J0005", "토큰 검증 실패"), + DONT_HAVE_AUTHORITY(HttpStatus.BAD_REQUEST, "J0006", "권한이 없습니다."), // User EXIST_PHONE_NUM(HttpStatus.BAD_REQUEST, "U0000", "이미 가입된 전화번호입니다."), @@ -27,5 +28,6 @@ enum class ErrorCode( DONT_MATCH_PASSWORD(HttpStatus.BAD_REQUEST, "U0002", "비밀번호가 일치하지 않습니다."), ALREADY_LOGOUT(HttpStatus.BAD_REQUEST, "U0003", "로그아웃 된 사용자입니다."), DONT_MATCH_WITH_TOKEN(HttpStatus.BAD_REQUEST, "U0004", "토큰의 유저 정보가 일치하지 않습니다."), - + EXIST_NICK_NAME(HttpStatus.BAD_REQUEST, "U0005", "이미 존재하는 닉네임입니다."), + SAME_PASSWORD(HttpStatus.BAD_REQUEST, "U0006", "비밀번호가 같습니다.") } \ No newline at end of file diff --git a/src/main/kotlin/com/example/jhouse_server/global/jwt/TokenProvider.kt b/src/main/kotlin/com/example/jhouse_server/global/jwt/TokenProvider.kt index fb95f6a5..99fe8b60 100644 --- a/src/main/kotlin/com/example/jhouse_server/global/jwt/TokenProvider.kt +++ b/src/main/kotlin/com/example/jhouse_server/global/jwt/TokenProvider.kt @@ -1,5 +1,6 @@ package com.example.jhouse_server.global.jwt +import com.example.jhouse_server.domain.user.entity.Authority import com.example.jhouse_server.domain.user.entity.User import com.example.jhouse_server.global.exception.ApplicationException import com.example.jhouse_server.global.exception.ErrorCode @@ -82,4 +83,10 @@ class TokenProvider { return claims.subject } + + fun getAuthority(token: String): Authority { + val claims = Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(token).body + + return Authority.valueOf(claims[AUTHORITIES_KEY].toString()) + } } \ No newline at end of file
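Review bot: `DONT_HAVE_AUTHORITY` is mapped to `HttpStatus.BAD_REQUEST`, which makes an authorization failure indistinguishable from a malformed request, both for clients and for anyone monitoring status codes for access-control probing. Use `DONT_HAVE_AUTHORITY(HttpStatus.FORBIDDEN, "J0006", "권한이 없습니다."),` instead. The neighbouring token errors also return 400; moving those to 401 would be a separate change.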
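Review bot: `getAuthority` converts the claim with `Authority.valueOf(claims[AUTHORITIES_KEY].toString())`, so a token without that claim is turned into the string "null", and any value that is not an `Authority` name throws `IllegalArgumentException`. That will likely surface as an unhandled server error rather than a token error. Map the failure explicitly, e.g. `runCatching { Authority.valueOf(claims[AUTHORITIES_KEY] as String) }.getOrElse { throw ApplicationException(ErrorCode.WRONG_JWT_TOKEN) }`. A one-line KDoc stating that the method parses and signature-checks the token via `parseClaimsJws`, but does not replace `validateToken`, would help callers such as `AuthAop`.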