bugfix

- update ftl path - delete duplicate security settings
token검증시 회원정보를 조회하지 않고 Authentication정보를 SpringSecurityContext에 세팅하도록 수정
2019-11-14 11:38:35 +09:00 · 2019-09-26 22:53:41 +09:00
17 changed files with 34 additions and 211 deletions
--- a/README.md
+++ b/README.md
@@ -1,14 +1,9 @@
-![Java_8](https://img.shields.io/badge/java-v1.8-red?logo=java)
-![Java_11](https://img.shields.io/badge/java-v11-red?logo=java)
-![Spring_Boot](https://img.shields.io/badge/Spring_Boot-v2.1.4-green.svg?logo=spring)
-![Spring_Security](https://img.shields.io/badge/Spring_Security-v5.1.5-green.svg?logo=spring)
-![GitHub stars](https://img.shields.io/github/stars/codej99/SpringRestApi?style=social)
 # Spring Rest Api 만들기 프로젝트

 ### 0. 개요
 - SpringBoot2 framework 기반에서 RESTful api 서비스를 Step by Step으로 만들어 나가는 프로젝트
 - daddyprogrammer.org에서 연재 및 소스 Github 등록
-    - https://daddyprogrammer.org/post/series/springboot2-make-rest-api/
+    - https://daddyprogrammer.org/post/series/springboot2%EB%A1%9C-rest-api-%EB%A7%8C%EB%93%A4%EA%B8%B0/

 ### 1. 개발환경
 - Java 8~11
@@ -125,8 +120,3 @@ alter table user_roles
        - https://daddyprogrammer.org/post/3870/spring-rest-api-redis-caching/
    - Git
        - https://github.com/codej99/SpringRestApi/tree/cache-data-redis
-  - SpringBoot2로 Rest api 만들기(16) – AOP와 Custom Annotation을 이용한 금칙어(Forbidden Word) 처리
-    - Document
-        - https://daddyprogrammer.org/post/11356/springboot2-forbidden-word-by-aop-annotation/
-    - Git
-        - https://github.com/codej99/SpringRestApi/tree/feature/block_fobidden_word
--- a/src/main/java/com/rest/api/advice/ExceptionAdvice.java
+++ b/src/main/java/com/rest/api/advice/ExceptionAdvice.java
@@ -77,12 +77,6 @@ public class ExceptionAdvice {
        return responseService.getFailResult(Integer.valueOf(getMessage("resourceNotExist.code")), getMessage("resourceNotExist.msg"));
    }

-    @ExceptionHandler(CForbiddenWordException.class)
-    @ResponseStatus(HttpStatus.BAD_REQUEST)
-    public CommonResult forbiddenWordException(HttpServletRequest request, CForbiddenWordException e) {
-        return responseService.getFailResult(Integer.valueOf(getMessage("forbiddenWord.code")), getMessage("forbiddenWord.msg", new Object[]{e.getMessage()}));
-    }
-
    // code정보에 해당하는 메시지를 조회합니다.
    private String getMessage(String code) {
        return getMessage(code, null);
--- a/src/main/java/com/rest/api/advice/exception/CForbiddenWordException.java
+++ b/src/main/java/com/rest/api/advice/exception/CForbiddenWordException.java
@@ -1,16 +0,0 @@
-package com.rest.api.advice.exception;
-
-public class CForbiddenWordException extends RuntimeException {
-
-    public CForbiddenWordException(String msg, Throwable t) {
-        super(msg, t);
-    }
-
-    public CForbiddenWordException(String msg) {
-        super(msg);
-    }
-
-    public CForbiddenWordException() {
-        super();
-    }
-}
--- a/src/main/java/com/rest/api/annotation/ForbiddenWordCheck.java
+++ b/src/main/java/com/rest/api/annotation/ForbiddenWordCheck.java
@@ -1,15 +0,0 @@
-package com.rest.api.annotation;
-
-import com.rest.api.model.board.ParamsPost;
-
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-@Target({ElementType.METHOD})
-@Retention(RetentionPolicy.RUNTIME)
-public @interface ForbiddenWordCheck {
-    String param() default "paramsPost.content";
-    Class<?> checkClazz() default ParamsPost.class;
-}
--- a/src/main/java/com/rest/api/annotation/aspect/ForbiddenWordCheckAspect.java
+++ b/src/main/java/com/rest/api/annotation/aspect/ForbiddenWordCheckAspect.java
@@ -1,74 +0,0 @@
-package com.rest.api.annotation.aspect;
-
-import com.rest.api.advice.exception.CForbiddenWordException;
-import com.rest.api.annotation.ForbiddenWordCheck;
-import io.micrometer.core.instrument.util.StringUtils;
-import org.aspectj.lang.JoinPoint;
-import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.annotation.Before;
-import org.aspectj.lang.reflect.MethodSignature;
-import org.springframework.stereotype.Component;
-
-import java.lang.reflect.Field;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Optional;
-
-@Aspect
-@Component
-public class ForbiddenWordCheckAspect {
-
-    // 어노테이션이 설정된 메서드의 메인 프로세스가 시작되기전(Before)에 금칙어 체크 로직이 적용된다.
-    @Before(value = "@annotation(forbiddenWordCheck)")
-    public void forbiddenWordCheck(JoinPoint pjp, ForbiddenWordCheck forbiddenWordCheck) throws Throwable {
-        // 금칙어를 체크할 메서드의 파라미터가 객체인지(객체.필드명) 일반 String인지에 따라 구분하여 처리한다.
-        String[] param = forbiddenWordCheck.param().split("\\.");
-        String paramName;
-        String fieldName = "";
-        if (param.length == 2) {
-            paramName = param[0];
-            fieldName = param[1];
-        } else {
-            paramName = forbiddenWordCheck.param();
-        }
-        // 메서드의 파라미터 이름으로 메서드의 몇번째 파라미터인지 구한다.
-        Integer parameterIdx = getParameterIdx(pjp, paramName);
-        if (parameterIdx == -1)
-            throw new IllegalArgumentException();
-
-        String checkWord;
-        // 객체내의 필드값에서 금칙어 체크 문장을 얻어내야 할 경우
-        if (StringUtils.isNotEmpty(fieldName)) {
-            Class<?> clazz = forbiddenWordCheck.checkClazz();
-            Field field = clazz.getDeclaredField(fieldName);
-            field.setAccessible(true);
-            checkWord = (String) field.get(pjp.getArgs()[parameterIdx]);
-        // 금칙어 체크 문장이 String형의 파라미터로 넘어오는 경우
-        } else {
-            checkWord = (String) pjp.getArgs()[parameterIdx];
-        }
-        // 체크할 문장에 금칙어가 포함되어 있는지 확인
-        checkForbiddenWord(checkWord);
-    }
-
-    // 메서드의 파라미터 이름으로 몇번째에 파라미터가 위치하는지 구함
-    private Integer getParameterIdx(JoinPoint joinPoint, String paramName) {
-        MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
-        String[] parameterNames = methodSignature.getParameterNames();
-        for (int i = 0; i < parameterNames.length; i++) {
-            String parameterName = parameterNames[i];
-            if (paramName.equals(parameterName)) {
-                return i;
-            }
-        }
-        return -1;
-    }
-
-    // 입력된 문장에 금칙어가 포함되어 있으면 Exception을 발생시킨다.
-    private void checkForbiddenWord(String word) {
-        List<String> forbiddenWords = Arrays.asList("개새끼", "쌍년", "씨발");
-        Optional<String> forbiddenWord = forbiddenWords.stream().filter(word::contains).findFirst();
-        if (forbiddenWord.isPresent())
-            throw new CForbiddenWordException(forbiddenWord.get());
-    }
-}
--- a/src/main/java/com/rest/api/config/RedisConfig.java
+++ b/src/main/java/com/rest/api/config/RedisConfig.java
@@ -9,6 +9,8 @@ import org.springframework.data.redis.cache.CacheKeyPrefix;
 import org.springframework.data.redis.cache.RedisCacheConfiguration;
 import org.springframework.data.redis.cache.RedisCacheManager;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
 import org.springframework.data.redis.serializer.RedisSerializationContext;
 import org.springframework.data.redis.serializer.StringRedisSerializer;

--- a/src/main/java/com/rest/api/config/security/CustomAccessDeniedHandler.java
+++ b/src/main/java/com/rest/api/config/security/CustomAccessDeniedHandler.java
@@ -1,13 +1,10 @@
 package com.rest.api.config.security;

 import lombok.extern.slf4j.Slf4j;
-import org.springframework.context.i18n.LocaleContextHolder;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.stereotype.Component;

-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -17,9 +14,7 @@ import java.io.IOException;
 public class CustomAccessDeniedHandler implements AccessDeniedHandler {

    @Override
-    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException exception) throws IOException, ServletException {
-        response.setLocale(LocaleContextHolder.getLocale());
-        RequestDispatcher rd = request.getRequestDispatcher("/exception/accessdenied");
-        rd.forward(request, response);
+    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException exception) throws IOException {
+        response.sendRedirect("/exception/accessdenied");
    }
 }
--- a/src/main/java/com/rest/api/config/security/CustomAuthenticationEntryPoint.java
+++ b/src/main/java/com/rest/api/config/security/CustomAuthenticationEntryPoint.java
@@ -1,13 +1,10 @@
 package com.rest.api.config.security;

 import lombok.extern.slf4j.Slf4j;
-import org.springframework.context.i18n.LocaleContextHolder;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.stereotype.Component;

-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -16,9 +13,7 @@ import java.io.IOException;
@Component
 public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {
    @Override
-    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException ex) throws IOException, ServletException {
-        response.setLocale(LocaleContextHolder.getLocale());
-        RequestDispatcher rd = request.getRequestDispatcher("/exception/entrypoint");
-        rd.forward(request, response);
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException ex) throws IOException {
+        response.sendRedirect("/exception/entrypoint");
    }
 }
--- a/src/main/java/com/rest/api/config/security/JwtTokenProvider.java
+++ b/src/main/java/com/rest/api/config/security/JwtTokenProvider.java
@@ -1,5 +1,6 @@
 package com.rest.api.config.security;

+import com.rest.api.entity.User;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.Jwts;
@@ -8,15 +9,12 @@ import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.stereotype.Component;

 import javax.annotation.PostConstruct;
 import javax.servlet.http.HttpServletRequest;
-import java.util.Base64;
-import java.util.Date;
-import java.util.List;
+import java.util.*;

@RequiredArgsConstructor
@Component
@@ -49,13 +47,18 @@ public class JwtTokenProvider { // JWT 토큰을 생성 및 검증 모듈

    // Jwt 토큰으로 인증 정보를 조회
    public Authentication getAuthentication(String token) {
-        UserDetails userDetails = userDetailsService.loadUserByUsername(this.getUserPk(token));
-        return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
+        Map<String, Object> parseInfo = getUserParseInfo(token);
+        User user = User.builder().uid(String.valueOf(parseInfo.get("msrl"))).roles((List)parseInfo.get("authorities")).build();
+        return new UsernamePasswordAuthenticationToken(user, "", user.getAuthorities());
    }

    // Jwt 토큰에서 회원 구별 정보 추출
-    public String getUserPk(String token) {
-        return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody().getSubject();
+    public Map<String, Object> getUserParseInfo(String token) {
+        Jws<Claims> parseInfo = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);
+        Map<String, Object> result = new HashMap<>();
+        result.put("msrl", parseInfo.getBody().getSubject());
+        result.put("authorities", parseInfo.getBody().get("roles", List.class));
+        return result;
    }

    // Request의 Header에서 token 파싱 : "X-AUTH-TOKEN: jwt토큰"
--- a/src/main/java/com/rest/api/config/security/SecurityConfiguration.java
+++ b/src/main/java/com/rest/api/config/security/SecurityConfiguration.java
@@ -3,7 +3,6 @@ package com.rest.api.config.security;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.i18n.LocaleContextHolder;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -11,12 +10,6 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.web.servlet.i18n.SessionLocaleResolver;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import java.io.IOException;
-import java.util.Locale;

@RequiredArgsConstructor
@Configuration
@@ -39,14 +32,13 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
            .and()
                .authorizeRequests() // 다음 리퀘스트에 대한 사용권한 체크
                    .antMatchers("/*/signin", "/*/signin/**", "/*/signup", "/*/signup/**", "/social/**").permitAll() // 가입 및 인증 주소는 누구나 접근가능
-                    .antMatchers(HttpMethod.GET, "/exception/**", "/helloworld/**","/actuator/health", "/v1/board/**", "/favicon.ico").permitAll() // 등록된 GET요청 리소스는 누구나 접근가능
+                    .antMatchers(HttpMethod.GET, "/exception/**", "/helloworld/**","/actuator/health", "/v1/board/**", "/favicon.ico").permitAll() // 등록한 GET요청 리소스는 누구나 접근가능
                    .anyRequest().hasRole("USER") // 그외 나머지 요청은 모두 인증된 회원만 접근 가능
            .and()
                .exceptionHandling().accessDeniedHandler(new CustomAccessDeniedHandler())
            .and()
                .exceptionHandling().authenticationEntryPoint(new CustomAuthenticationEntryPoint())
            .and()
-                .addFilterBefore(new AthenticationEntryLocaleFilter(), UsernamePasswordAuthenticationFilter.class)
                .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter.class); // jwt token 필터를 id/password 인증 필터 전에 넣어라.

    }
@@ -57,31 +49,4 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                "/swagger-ui.html", "/webjars/**", "/swagger/**");

    }
-
-    private static class AthenticationEntryLocaleFilter implements Filter {
-        private SessionLocaleResolver localeResolver;
-
-        private AthenticationEntryLocaleFilter() {
-            localeResolver = new SessionLocaleResolver();
-            localeResolver.setDefaultLocale(Locale.KOREAN);
-        }
-
-        @Override
-        public void init(FilterConfig filterConfig) {
-        }
-
-        @Override
-        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
-            if(request.getParameter("lang") != null)
-                localeResolver.setDefaultLocale(Locale.forLanguageTag(request.getParameter("lang")));
-            Locale locale = localeResolver.resolveLocale((HttpServletRequest) request);
-            LocaleContextHolder.setLocale(locale);
-            chain.doFilter(request, response);
-        }
-
-        @Override
-        public void destroy() {
-        }
-    }
 }
-
--- a/src/main/java/com/rest/api/controller/HelloController.java
+++ b/src/main/java/com/rest/api/controller/HelloController.java
@@ -15,7 +15,7 @@ public class HelloController {

    @Setter
    @Getter
-    public static class Hello {
+    private static class Hello {
        private String message;
    }

--- a/src/main/java/com/rest/api/controller/exception/ExceptionController.java
+++ b/src/main/java/com/rest/api/controller/exception/ExceptionController.java
@@ -18,7 +18,7 @@ public class ExceptionController {
        throw new CAuthenticationEntryPointException();
    }

-    @RequestMapping(value = "/accessdenied")
+    @GetMapping(value = "/accessdenied")
    public CommonResult accessdeniedException() {
        throw new AccessDeniedException("");
    }
--- a/src/main/java/com/rest/api/controller/v1/UserController.java
+++ b/src/main/java/com/rest/api/controller/v1/UserController.java
@@ -40,9 +40,8 @@ public class UserController {
    public SingleResult<User> findUser() {
        // SecurityContext에서 인증받은 회원의 정보를 얻어온다.
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        String id = authentication.getName();
        // 결과데이터가 단일건인경우 getSingleResult를 이용해서 결과를 출력한다.
-        return responseService.getSingleResult(userJpaRepo.findByUid(id).orElseThrow(CUserNotFoundException::new));
+        return responseService.getSingleResult(userJpaRepo.findById(Long.valueOf(authentication.getName())).orElseThrow(CUserNotFoundException::new));
    }

    @ApiImplicitParams({
@@ -54,8 +53,7 @@ public class UserController {
            @ApiParam(value = "회원이름", required = true) @RequestParam String name) {

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        String id = authentication.getName();
-        User user = userJpaRepo.findByUid(id).orElseThrow(CUserNotFoundException::new);
+        User user = userJpaRepo.findById(Long.valueOf(authentication.getName())).orElseThrow(CUserNotFoundException::new);
        user.setName(name);
        return responseService.getSingleResult(userJpaRepo.save(user));
    }
--- a/src/main/java/com/rest/api/controller/v1/board/BoardController.java
+++ b/src/main/java/com/rest/api/controller/v1/board/BoardController.java
@@ -56,8 +56,7 @@ public class BoardController {
    @PostMapping(value = "/{boardName}/post")
    public SingleResult<Post> post(@PathVariable String boardName, @Valid @ModelAttribute ParamsPost post) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        String uid = authentication.getName();
-        return responseService.getSingleResult(boardService.writePost(uid, boardName, post));
+        return responseService.getSingleResult(boardService.writePost(Long.valueOf(authentication.getName()), boardName, post));
    }

    @ApiOperation(value = "게시글 상세", notes = "게시글 상세정보를 조회한다.")
@@ -73,8 +72,7 @@ public class BoardController {
    @PutMapping(value = "/post/{postId}")
    public SingleResult<Post> post(@PathVariable long postId, @Valid @ModelAttribute ParamsPost post) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        String uid = authentication.getName();
-        return responseService.getSingleResult(boardService.updatePost(postId, uid, post));
+        return responseService.getSingleResult(boardService.updatePost(postId, Long.valueOf(authentication.getName()), post));
    }

    @ApiImplicitParams({
@@ -84,8 +82,7 @@ public class BoardController {
    @DeleteMapping(value = "/post/{postId}")
    public CommonResult deletePost(@PathVariable long postId) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        String uid = authentication.getName();
-        boardService.deletePost(postId, uid);
+        boardService.deletePost(postId, Long.valueOf(authentication.getName()));
        return responseService.getSuccessResult();
    }
 }
--- a/src/main/java/com/rest/api/service/board/BoardService.java
+++ b/src/main/java/com/rest/api/service/board/BoardService.java
@@ -1,10 +1,8 @@
 package com.rest.api.service.board;

-import com.rest.api.advice.exception.CForbiddenWordException;
 import com.rest.api.advice.exception.CNotOwnerException;
 import com.rest.api.advice.exception.CResourceNotExistException;
 import com.rest.api.advice.exception.CUserNotFoundException;
-import com.rest.api.annotation.ForbiddenWordCheck;
 import com.rest.api.common.CacheKey;
 import com.rest.api.entity.User;
 import com.rest.api.entity.board.Board;
@@ -22,7 +20,6 @@ import org.springframework.cache.annotation.Cacheable;
 import org.springframework.stereotype.Service;

 import javax.transaction.Transactional;
-import java.util.Arrays;
 import java.util.List;
 import java.util.Optional;

@@ -61,20 +58,18 @@ public class BoardService {

    // 게시글을 등록합니다. 게시글의 회원UID가 조회되지 않으면 CUserNotFoundException 처리합니다.
    @CacheEvict(value = CacheKey.POSTS, key = "#boardName")
-    @ForbiddenWordCheck
-    public Post writePost(String uid, String boardName, ParamsPost paramsPost) {
+    public Post writePost(Long msrl, String boardName, ParamsPost paramsPost) {
        Board board = findBoard(boardName);
-        Post post = new Post(userJpaRepo.findByUid(uid).orElseThrow(CUserNotFoundException::new), board, paramsPost.getAuthor(), paramsPost.getTitle(), paramsPost.getContent());
+        Post post = new Post(userJpaRepo.findById(msrl).orElseThrow(CUserNotFoundException::new), board, paramsPost.getAuthor(), paramsPost.getTitle(), paramsPost.getContent());
        return postJpaRepo.save(post);
    }

    // 게시글을 수정합니다. 게시글 등록자와 로그인 회원정보가 틀리면 CNotOwnerException 처리합니다.
    //@CachePut(value = CacheKey.POST, key = "#postId") 갱신된 정보만 캐시할경우에만 사용!
-    @ForbiddenWordCheck
-    public Post updatePost(long postId, String uid, ParamsPost paramsPost) {
+    public Post updatePost(long postId, Long msrl, ParamsPost paramsPost) {
        Post post = getPost(postId);
        User user = post.getUser();
-        if (!uid.equals(user.getUid()))
+        if (!msrl.equals(user.getMsrl()))
            throw new CNotOwnerException();

        // 영속성 컨텍스트의 변경감지(dirty checking) 기능에 의해 조회한 Post내용을 변경만 해도 Update쿼리가 실행됩니다.
@@ -84,10 +79,10 @@ public class BoardService {
    }

    // 게시글을 삭제합니다. 게시글 등록자와 로그인 회원정보가 틀리면 CNotOwnerException 처리합니다.
-    public boolean deletePost(long postId, String uid) {
+    public boolean deletePost(long postId, Long msrl) {
        Post post = getPost(postId);
        User user = post.getUser();
-        if (!uid.equals(user.getUid()))
+        if (!msrl.equals(user.getMsrl()))
            throw new CNotOwnerException();
        postJpaRepo.delete(post);
        cacheSevice.deleteBoardCache(post.getPostId(), post.getBoard().getName());
--- a/src/main/resources/i18n/exception_en.yml
+++ b/src/main/resources/i18n/exception_en.yml
@@ -24,7 +24,4 @@ notOwner:
  msg: "You are not the owner of this resource."
 resourceNotExist:
  code: "-1007"
-  msg: "This resource does not exist."
-forbiddenWord:
-  code: "-1008"
-  msg: "forbidden words ({0}) are included in the input."
+  msg: "This resource does not exist."
--- a/src/main/resources/i18n/exception_ko.yml
+++ b/src/main/resources/i18n/exception_ko.yml
@@ -24,7 +24,4 @@ notOwner:
  msg: "해당 자원의 소유자가 아닙니다."
 resourceNotExist:
  code: "-1007"
-  msg: "요청한 자원이 존재 하지 않습니다."
-forbiddenWord:
-  code: "-1008"
-  msg: "입력한 내용에 금칙어({0})가 포함되어 있습니다."
+  msg: "요청한 자원이 존재 하지 않습니다."
Author	SHA1	Message	Date
kimyonghwa	d69cc6b147	bugfix - update ftl path - delete duplicate security settings	2019-11-14 11:38:35 +09:00
kimyonghwa	1b367a501f	token검증시 회원정보를 조회하지 않고 Authentication정보를 SpringSecurityContext에 세팅하도록 수정	2019-09-26 22:53:41 +09:00