rest controller practice : validation JWT token (interceptor)
BIN
rest-controller-practice/logs/spring-jpa.log.2021-03-20.0.gz
Normal file
BIN
rest-controller-practice/logs/spring-jpa.log.2021-03-20.0.gz
Normal file
Binary file not shown.
@@ -200,4 +200,14 @@ public class ApiBoardController {
|
||||
|
||||
return ResponseResult.success(list);
|
||||
}
|
||||
|
||||
@PostMapping("/api/board")
|
||||
public ResponseEntity<?> chapter4_11(@RequestBody BoardInput boardInput,
|
||||
@RequestHeader("TOKEN") String token) {
|
||||
|
||||
String email = JWTUtils.getIssuer(token);
|
||||
|
||||
ServiceResult result = boardService.add(email, boardInput);
|
||||
return ResponseResult.result(result);
|
||||
}
|
||||
}
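Review bot: `chapter4_11` decodes the `TOKEN` header a second time with `JWTUtils.getIssuer(token)` instead of using the identity that `CommonInterceptor.validJWT` stores in the request. Its authentication therefore depends on the interceptor being registered for `/api/board`, and that registration is not visible on this page. If the path is not covered, a bad token raises `JWTVerificationException` inside the controller, and that type is not among the exception classes visible in the `GlobalExceptionHandler` hunk. Replacing the `@RequestHeader("TOKEN")` parameter with `@RequestAttribute("email") String email` would leave a single verification path. `@RequestBody BoardInput boardInput` is also bound without `@Valid`.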
|
||||
@@ -0,0 +1,17 @@
|
||||
package com.example.restcontroller.board.model;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@AllArgsConstructor
|
||||
@NoArgsConstructor
|
||||
public class BoardInput {
|
||||
|
||||
private Long boardType;
|
||||
private String title;
|
||||
private String contents;
|
||||
}
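Review bot: None of the three fields carries a validation constraint, so a body with a missing `boardType` or an empty or arbitrarily long `title`/`contents` reaches `BoardServiceImpl.add` unchanged. There `boardInput.getBoardType()` goes straight into `boardTypeRepository.findById(...)`, which rejects a null id with an exception that is presumably not mapped by the handler list visible in this commit, and the text fields are persisted as received. If Bean Validation is on the classpath, consider `@NotNull` on `boardType`, `@NotBlank` plus a `@Size(max = ...)` limit on `title` and `contents`, and `@Valid` on the controller parameter. The limit should match the column lengths of the `Board` entity, which is not shown.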
|
||||
@@ -51,4 +51,6 @@ public interface BoardService {
|
||||
Board detail(Long id);
|
||||
|
||||
List<Board> list();
|
||||
|
||||
ServiceResult add(String email, BoardInput boardInput);
|
||||
}
|
||||
|
||||
@@ -383,4 +383,26 @@ public class BoardServiceImpl implements BoardService {
|
||||
public List<Board> list() {
|
||||
return boardRepository.findAll();
|
||||
}
|
||||
|
||||
@Transactional
|
||||
@Override
|
||||
public ServiceResult add(String email, BoardInput boardInput) {
|
||||
User userEntity = userRepository.findByEmail(email)
|
||||
.orElseThrow(() -> new BizException("회원 정보가 존재하지 않습니다."));
|
||||
|
||||
BoardType boardTypeEntity = boardTypeRepository.findById(boardInput.getBoardType())
|
||||
.orElseThrow(() -> new BoardTypeNotFoundException("게시판 타입이 없습니다."));
|
||||
|
||||
Board board = Board.builder()
|
||||
.user(userEntity)
|
||||
.boardType(boardTypeEntity)
|
||||
.title(boardInput.getTitle())
|
||||
.content(boardInput.getContents())
|
||||
.regDate(LocalDateTime.now())
|
||||
.build();
|
||||
|
||||
boardRepository.save(board);
|
||||
|
||||
return ServiceResult.success();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package com.example.restcontroller;
|
||||
package com.example.restcontroller.common;
|
||||
|
||||
import com.example.restcontroller.board.exception.BoardTypeNotFoundException;
|
||||
import com.example.restcontroller.common.exception.AuthFailException;
|
||||
import com.example.restcontroller.common.exception.BizException;
|
||||
import com.example.restcontroller.common.model.ResponseResult;
|
||||
import com.example.restcontroller.notice.exception.AlreadyDeletedException;
|
||||
@@ -27,7 +28,8 @@ public class GlobalExceptionHandler {
|
||||
ExistsEmailException.class,
|
||||
PasswordNotMatchException.class,
|
||||
BoardTypeNotFoundException.class,
|
||||
BizException.class })
|
||||
BizException.class,
|
||||
AuthFailException.class})
|
||||
public ResponseEntity<?> badRequest(RuntimeException e) {
|
||||
log.info(e.getClass().getName() + e.getMessage());
|
||||
return ResponseResult.fail(e.getMessage());
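Review bot: `AuthFailException` is added to the handler named `badRequest`, so a rejected token goes through the same `ResponseResult.fail(e.getMessage())` path as business-rule errors. If that helper answers with 400, as the method name suggests, clients and monitoring cannot tell an authentication failure from a malformed request. A dedicated `@ExceptionHandler(AuthFailException.class)` method returning `ResponseEntity.status(HttpStatus.UNAUTHORIZED)` would make failed-token traffic distinguishable. The status that `ResponseResult.fail` produces is not visible here and should be confirmed. The body of `badRequest` continues past the end of the hunk.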
|
||||
@@ -0,0 +1,7 @@
|
||||
package com.example.restcontroller.common.exception;
|
||||
|
||||
public class AuthFailException extends RuntimeException {
|
||||
public AuthFailException(String message) {
|
||||
super(message);
|
||||
}
|
||||
}
|
||||
@@ -1,5 +1,9 @@
|
||||
package com.example.restcontroller.common.interceptor;
|
||||
|
||||
import com.auth0.jwt.exceptions.JWTVerificationException;
|
||||
import com.example.restcontroller.common.exception.AuthFailException;
|
||||
import com.example.restcontroller.common.model.ResponseResult;
|
||||
import com.example.restcontroller.util.JWTUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.web.servlet.HandlerInterceptor;
|
||||
|
||||
@@ -15,8 +19,25 @@ public class CommonInterceptor implements HandlerInterceptor {
|
||||
log.info("#########################################");
|
||||
log.info("[interceptor] - preHandler start");
|
||||
log.info("#########################################");
|
||||
log.info(request.getMethod());
|
||||
log.info(request.getRequestURI());
|
||||
log.info(request.getMethod() + " " + request.getRequestURI());
|
||||
|
||||
if (!validJWT(request)) {
|
||||
throw new AuthFailException("인증정보가 정확하지 않습니다");
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
private boolean validJWT(HttpServletRequest request) {
|
||||
|
||||
String token = request.getHeader("TOKEN");
|
||||
|
||||
String email = "";
|
||||
try {
|
||||
email = JWTUtils.getIssuer(token);
|
||||
} catch (JWTVerificationException e) {
|
||||
return false;
|
||||
}
|
||||
request.setAttribute("email", email);
|
||||
|
||||
return true;
|
||||
}
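Review bot: `validJWT` returns true for any token on which `JWTUtils.getIssuer` does not throw `JWTVerificationException`, without checking the result, so a token that carries no issuer would be accepted and `request.setAttribute("email", email)` would store a null or empty identity. A missing `TOKEN` header is passed to `getIssuer` as null and is rejected only if that helper turns it into a `JWTVerificationException`; any other exception surfaces as a server error rather than `AuthFailException`. Adding `if (token == null || token.trim().isEmpty()) return false;` before the `try` and `if (email == null || email.trim().isEmpty()) return false;` after it closes both gaps. `JWTUtils` is not shown on this page, so it should be confirmed that `getIssuer` verifies signature and expiry rather than only decoding the token. `preHandle` begins above the hunk.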
|
||||
|
||||