From 7ac59d0b9982a861a31978e7b574728b9157f90c Mon Sep 17 00:00:00 2001 From: changmink Date: Thu, 10 Jun 2021 21:32:57 +0900 Subject: [PATCH 1/2] =?UTF-8?q?[NoIssue]=20=EC=83=81=ED=83=9C=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/com/devin/dev/utils/StatusCode.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/devin/dev/utils/StatusCode.java b/src/main/java/com/devin/dev/utils/StatusCode.java index 78dfed3..95bd0d3 100644 --- a/src/main/java/com/devin/dev/utils/StatusCode.java +++ b/src/main/java/com/devin/dev/utils/StatusCode.java @@ -7,10 +7,16 @@ public enum StatusCode { BAD_REQUEST(400), UNAUTHORIZED(401), FORBIDDEN(403), - NOT_FOUND(404), + NOT_FOUND(404), // 페이지가 없는 경우 INTERNAL_SERVER_ERROR(500), SERVICE_UNAVAILABLE(503), - DB_ERROR(600); + DB_ERROR(600), + SUCCESS(0), + FAIL_AUTH(400001), + NOT_ENOUGH_PARM(40002), + NOT_EXIST(400003), // 찾으려는 정보가 없는 경우 + CONDITION_FAIL(40004), + ; StatusCode(int code) { } From 4f64c36023a5fd26b908db8a2aafa9a8502c3204 Mon Sep 17 00:00:00 2001 
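Review bot: The new application codes in `StatusCode` have inconsistent widths: `FAIL_AUTH(400001)` and `NOT_EXIST(400003)` are six digits while `NOT_ENOUGH_PARM(40002)` and `CONDITION_FAIL(40004)` are five, which looks like a typo rather than a scheme. Clients that branch on these values, for example to tell an authentication failure from a missing parameter, will be written against whatever ships, so fix the width now and add a comment above the group stating the convention, e.g. `// application-level codes: HTTP status * 1000 + sequence`. `NOT_ENOUGH_PARM` is presumably meant to be `NOT_ENOUGH_PARAM`. The constructor visible at the end of the hunk, `StatusCode(int code) { }`, appears to discard `code`; its body may continue outside the hunk, so confirm the value is actually stored.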
From: changmink Date: Fri, 11 Jun 2021 01:58:43 +0900 Subject: [PATCH 2/2] =?UTF-8?q?[#7]=20=ED=86=A0=ED=81=B0=20=EA=B8=B0?= =?UTF-8?q?=EB=B0=98=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=EC=9C=BC=EB=A1=9C=20?= =?UTF-8?q?=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 5 ++ gradlew | 0 .../dev/controller/Auth/AuthController.java | 26 ++++++ .../dev/controller/post/PostController.java | 1 - .../dev/controller/user/UserController.java | 80 +++++++++---------- .../dev/dto/user/UserLoginRequestDto.java | 9 +++ .../dev/dto/user/UserLoginResponseDto.java | 20 +++++ .../com/devin/dev/dto/user/UserSimpleDto.java | 20 +++-- .../java/com/devin/dev/entity/user/User.java | 10 +-- .../com/devin/dev/security/JwtAuthToken.java | 10 +++ .../dev/security/JwtAuthTokenProvider.java | 66 +++++++++++++++ .../dev/security/LoginSuccessHandler.java | 4 - .../dev/security/SecurityConfiguration.java | 36 ++++----- .../devin/dev/security/TokenAuthFilter.java | 45 +++++++++++ .../com/devin/dev/service/UserService.java | 50 ++++++++++-- .../devin/dev/service/UserServiceTest.java | 9 +-- 16 files changed, 296 insertions(+), 95 deletions(-) mode change 100644 => 100755 gradlew create mode 100644 src/main/java/com/devin/dev/controller/Auth/AuthController.java create mode 100644 src/main/java/com/devin/dev/dto/user/UserLoginRequestDto.java create mode 100644 src/main/java/com/devin/dev/dto/user/UserLoginResponseDto.java create mode 100644 src/main/java/com/devin/dev/security/JwtAuthToken.java create mode 100644 src/main/java/com/devin/dev/security/JwtAuthTokenProvider.java create mode 100644 src/main/java/com/devin/dev/security/TokenAuthFilter.java diff --git a/build.gradle b/build.gradle index 0ef38c1..d27b0f5 100644 --- a/build.gradle +++ b/build.gradle 
@@ -43,6 +43,11 @@ dependencies { annotationProcessor 'org.projectlombok:lombok' //querydsl 추가 implementation 'com.querydsl:querydsl-jpa' + + // jjwt + compile 'io.jsonwebtoken:jjwt-api:0.11.2' + runtime 'io.jsonwebtoken:jjwt-impl:0.11.2', + 'io.jsonwebtoken:jjwt-jackson:0.11.2' } test { diff --git a/gradlew b/gradlew old mode 100644 new mode 100755 diff --git a/src/main/java/com/devin/dev/controller/Auth/AuthController.java b/src/main/java/com/devin/dev/controller/Auth/AuthController.java new file mode 100644 index 0000000..aebc5c6 --- /dev/null +++ b/src/main/java/com/devin/dev/controller/Auth/AuthController.java @@ -0,0 +1,26 @@ +package com.devin.dev.controller.Auth; + +import com.devin.dev.dto.user.UserLoginRequestDto; +import com.devin.dev.dto.user.UserSimpleDto; +import com.devin.dev.model.DefaultResponse; +import com.devin.dev.service.UserService; +import lombok.RequiredArgsConstructor; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@RequiredArgsConstructor +public class AuthController { + private final UserService userService; + + @PostMapping("/user/login") + public DefaultResponse login(@RequestBody UserLoginRequestDto userLoginRequestDto) { + return userService.login(userLoginRequestDto); + } + + @PostMapping("/user/join") + public DefaultResponse join(@RequestBody UserSimpleDto userSimpleDto) { + return userService.join(userSimpleDto); + } +} diff --git a/src/main/java/com/devin/dev/controller/post/PostController.java b/src/main/java/com/devin/dev/controller/post/PostController.java index 5ee7c4a..df76aa0 100644 --- a/src/main/java/com/devin/dev/controller/post/PostController.java +++ b/src/main/java/com/devin/dev/controller/post/PostController.java 
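Review bot: The jjwt entries use the `compile` and `runtime` configurations, which Gradle deprecated and then removed in Gradle 7, so this block will stop resolving on a wrapper upgrade; the line above already uses `implementation`. Declare them as `implementation 'io.jsonwebtoken:jjwt-api:0.11.2'` and `runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.2', 'io.jsonwebtoken:jjwt-jackson:0.11.2'`. Keeping `jjwt-impl` runtime-only also prevents application code from compiling against the library's internal classes.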
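Review bot: Both `@RequestBody` parameters in `AuthController` are bound without `@Valid`, so the `@NotEmpty` constraints declared on `UserSimpleDto.userEmail` and `userPassword` are never evaluated on `/user/join`; the controller this replaces used `@Valid UserSimpleDto form, BindingResult result`. Change the signature to `public DefaultResponse join(@Valid @RequestBody UserSimpleDto userSimpleDto)` and do the same for `login` once `UserLoginRequestDto` carries constraints. Without it a request with a missing password reaches `passwordEncoder.encode(...)` in `UserService.join` and fails there instead of being rejected as a 400.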
@@ -3,7 +3,6 @@ import com.devin.dev.model.DefaultResponse; import com.devin.dev.service.PostService; import lombok.RequiredArgsConstructor; -import org.springframework.data.domain.PageRequest; import org.springframework.data.domain.Sort; import org.springframework.data.web.PageableDefault; import org.springframework.web.bind.annotation.GetMapping; diff --git a/src/main/java/com/devin/dev/controller/user/UserController.java b/src/main/java/com/devin/dev/controller/user/UserController.java index fdb73d2..33e8254 100644 --- a/src/main/java/com/devin/dev/controller/user/UserController.java +++ b/src/main/java/com/devin/dev/controller/user/UserController.java 
@@ -20,45 +20,45 @@ @RequiredArgsConstructor public class UserController { - private final UserService userService; - - @GetMapping("/login") - public String getLoginForm() { - return "loginPage"; - } - - @GetMapping("/signUp") - public String getSignUpForm() { - return "signupPage"; - } - - @PostMapping("/signUp") - public String signUp(@Valid UserSimpleDto form, BindingResult result) { - - System.out.println("form = " + form); - - if (result.hasErrors()) { - return "redirect:/"; - } - - - userService.signUp(form); - - return "redirect:/"; - } - - @GetMapping("/") - public String getIndex(Model model) { - Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); - String username; - if (principal instanceof UserDetails) { - username = ((UserDetails) principal).getUsername(); - } else { - username = principal.toString(); - } - model.addAttribute("username", username); - - return "index"; - } +// private final UserService userService; +// +// @GetMapping("/login") +// public String getLoginForm() { +// return "loginPage"; +// } +// +// @GetMapping("/signUp") +// public String getSignUpForm() { +// return "signupPage"; +// } +// +// @PostMapping("/signUp") +// public String signUp(@Valid UserSimpleDto form, BindingResult result) { +// +// System.out.println("form = " + form); +// +// if (result.hasErrors()) { +// return "redirect:/"; +// } +// +// +// userService.signUp(form); +// +// return "redirect:/"; +// } +// +// @GetMapping("/") +// public String getIndex(Model model) { +// Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); +// String username; +// if (principal instanceof UserDetails) { +// username = ((UserDetails) principal).getUsername(); +// } else { +// username = principal.toString(); +// } +// model.addAttribute("username", username); +// +// return "index"; +// } } 
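Review bot: The form-login handlers in `UserController` are commented out rather than deleted, leaving an empty controller whose imports are now unused. Remove the commented block (and the class, if nothing else in it is needed; the part of the file above line 20 is outside the hunk), since version control keeps the old code. The dead block also preserves `System.out.println("form = " + form)`, which would print the submitted password if the code were ever re-enabled, because `UserSimpleDto` is a `@Data` class.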
diff --git a/src/main/java/com/devin/dev/dto/user/UserLoginRequestDto.java b/src/main/java/com/devin/dev/dto/user/UserLoginRequestDto.java new file mode 100644 index 0000000..5a6711c --- /dev/null +++ b/src/main/java/com/devin/dev/dto/user/UserLoginRequestDto.java @@ -0,0 +1,9 @@ +package com.devin.dev.dto.user; + +import lombok.Data; + +@Data +public class UserLoginRequestDto { + String userEmail; + String userPassword; +} diff --git a/src/main/java/com/devin/dev/dto/user/UserLoginResponseDto.java b/src/main/java/com/devin/dev/dto/user/UserLoginResponseDto.java new file mode 100644 index 0000000..ca58224 --- /dev/null +++ b/src/main/java/com/devin/dev/dto/user/UserLoginResponseDto.java @@ -0,0 +1,20 @@ +package com.devin.dev.dto.user; + +import com.devin.dev.entity.user.User; +import com.devin.dev.security.JwtAuthToken; +import lombok.Data; + +@Data +public class UserLoginResponseDto { + private Long userId; + private String userProfile; + private String userName; + private String token; + + public UserLoginResponseDto(User user, JwtAuthToken token) { + this.userId = user.getId(); + this.userProfile = user.getProfile(); + this.userName = user.getName(); + this.token = token.getToken(); + } +} diff --git a/src/main/java/com/devin/dev/dto/user/UserSimpleDto.java b/src/main/java/com/devin/dev/dto/user/UserSimpleDto.java index 82aa312..44e5909 100644 --- a/src/main/java/com/devin/dev/dto/user/UserSimpleDto.java +++ b/src/main/java/com/devin/dev/dto/user/UserSimpleDto.java @@ -1,6 +1,5 @@ package com.devin.dev.dto.user; -import com.devin.dev.entity.user.UserStatus; import com.querydsl.core.annotations.QueryProjection; import lombok.Data; 
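Review bot: `UserLoginRequestDto` is annotated `@Data`, so Lombok generates a `toString()` that includes `userPassword`; any log statement or exception message that formats the DTO will write the cleartext password. Mark the field `@ToString.Exclude private String userPassword;` and make `userEmail` private as well, since both fields are currently package-private. Adding `@NotEmpty` to both fields, as `UserSimpleDto` does, lets the controller reject empty credentials before they reach the service.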
@@ -8,19 +7,18 @@ @Data public class UserSimpleDto { - - private String name; + private String userName; @NotEmpty(message = "email은 필수 입니다") - private String email; + private String userEmail; @NotEmpty(message = "password는 필수 입니다") - private String password; - private String phone_number; + private String userPassword; + private String userPhoneNumber; @QueryProjection - public UserSimpleDto(String name, String email, String password, String phone_number) { - this.name = name; - this.email = email; - this.password = password; - this.phone_number = phone_number; + public UserSimpleDto(String userName, String userEmail, String userPassword, String userPhoneNumber) { + this.userName = userName; + this.userEmail = userEmail; + this.userPassword = userPassword; + this.userPhoneNumber = userPhoneNumber; } } diff --git a/src/main/java/com/devin/dev/entity/user/User.java b/src/main/java/com/devin/dev/entity/user/User.java index 52753be..1630ef5 100644 --- a/src/main/java/com/devin/dev/entity/user/User.java +++ b/src/main/java/com/devin/dev/entity/user/User.java @@ -1,10 +1,8 @@ package com.devin.dev.entity.user; -import com.devin.dev.dto.user.UserDetailsDto; import com.devin.dev.dto.user.UserSimpleDto; import com.devin.dev.entity.base.Created; import com.devin.dev.entity.post.Post; -import com.devin.dev.entity.post.PostTag; import com.devin.dev.entity.reply.Reply; import com.devin.dev.entity.service.CustomerService; import lombok.AccessLevel; @@ -78,10 +76,10 @@ public User(String name, String email, String password, String phone_number, Use } public User(UserSimpleDto userDto) { - this.name = userDto.getName(); - this.email = userDto.getEmail(); - this.password = userDto.getPassword(); - this.phone_number = userDto.getPhone_number(); + this.name = userDto.getUserName(); + this.email = userDto.getUserEmail(); + this.password = userDto.getUserPassword(); + this.phone_number = userDto.getUserPhoneNumber(); this.status = UserStatus.ACTIVE; this.exp = 0L; } 
diff --git a/src/main/java/com/devin/dev/security/JwtAuthToken.java b/src/main/java/com/devin/dev/security/JwtAuthToken.java
new file mode 100644
index 0000000..060e6f6
--- /dev/null
+++ b/src/main/java/com/devin/dev/security/JwtAuthToken.java
@@ -0,0 +1,10 @@
+package com.devin.dev.security;
+
+import lombok.Builder;
+import lombok.Getter;
+
+@Builder
+@Getter
+public class JwtAuthToken {
+ private String token;
+}
diff --git a/src/main/java/com/devin/dev/security/JwtAuthTokenProvider.java b/src/main/java/com/devin/dev/security/JwtAuthTokenProvider.java
new file mode 100644
index 0000000..40fa85e
--- /dev/null
+++ b/src/main/java/com/devin/dev/security/JwtAuthTokenProvider.java
@@ -0,0 +1,66 @@
+package com.devin.dev.security;
+
+import io.jsonwebtoken.*;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import io.jsonwebtoken.security.SignatureException;
+import org.springframework.stereotype.Component;
+
+import javax.crypto.SecretKey;
+import javax.servlet.http.HttpServletRequest;
+import java.time.LocalDateTime;
+import java.time.ZoneId;
+import java.time.temporal.ChronoUnit;
+import java.util.Date;
+
+@Component
+public class JwtAuthTokenProvider {
+ private static final String SECRET_KEY = "J2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KBJ2KB";
+ private static final long EXPIRATION_MS = 1000 * 60 * 60 * 24;
+
+ public JwtAuthToken publishToken(Long userId) {
+ return JwtAuthToken.builder().token(generateToken(userId)).build();
+ }
+
+ private String generateToken(Long userId) {
+ LocalDateTime now = LocalDateTime.now();
+ LocalDateTime expiredAt = now.plus(EXPIRATION_MS, ChronoUnit.MILLIS);
+ SecretKey key = Keys.hmacShaKeyFor(Decoders.BASE64.decode(SECRET_KEY));
+ return Jwts.builder()
+ .setSubject(String.valueOf(userId))
+ .setIssuedAt(Date.from(now.atZone(ZoneId.systemDefault()).toInstant()))
+ .setExpiration(Date.from(expiredAt.atZone(ZoneId.systemDefault()).toInstant()))
+ .signWith(key)
+ .compact();
+ }
+
+ public String parseToken(HttpServletRequest request) {
+ String bearerToken = request.getHeader("Authorization");
+ if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
+ return bearerToken.substring(7);
+ }
+ return null;
+ }
+
+ public Long getUserId(String token) {
+ Claims claims = Jwts.parser()
+ .setSigningKey(SECRET_KEY)
+ .parseClaimsJws(token)
+ .getBody();
+ return Long.parseLong(claims.getSubject());
+ }
+
+ public boolean validateToken(String token) {
+ if (token != null && !token.equals("")) {
+ try {
+ Jwts.parser().setSigningKey(SECRET_KEY).parseClaimsJws(token);
+ return true;
+ } catch (Exception e) {
+ throw new RuntimeException();
+ }
+ }
+ return false;
+ }
+
+ +} diff --git a/src/main/java/com/devin/dev/security/LoginSuccessHandler.java b/src/main/java/com/devin/dev/security/LoginSuccessHandler.java index d4af74f..98f99fe 100644 --- a/src/main/java/com/devin/dev/security/LoginSuccessHandler.java +++ b/src/main/java/com/devin/dev/security/LoginSuccessHandler.java @@ -14,9 +14,5 @@ public class LoginSuccessHandler implements AuthenticationSuccessHandler { @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { HttpSession session = request.getSession(); - - session.setAttribute("greeting", "welcome " + authentication.getName()); - System.out.println("session.getAttribute(\"greeting\") = " + session.getAttribute("greeting")); - response.sendRedirect("/"); } } diff --git a/src/main/java/com/devin/dev/security/SecurityConfiguration.java b/src/main/java/com/devin/dev/security/SecurityConfiguration.java index cd025cc..14c69c4 100644 --- a/src/main/java/com/devin/dev/security/SecurityConfiguration.java +++ b/src/main/java/com/devin/dev/security/SecurityConfiguration.java @@ -8,10 +8,15 @@ import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; @Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter { + private static final String[] PUBLIC_URI = { + "/user/**", "/postlist/**" + }; + @Bean public PasswordEncoder getPasswordEncoder() { return new BCryptPasswordEncoder(); 
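Review bot: `SECRET_KEY` is a string literal committed in `JwtAuthTokenProvider`, so everyone with read access to the repository or the built jar holds the key that signs every login token, and rotating it requires a code change. Load the Base64 key from external configuration, build the `SecretKey` once, and use that same object for signing and for parsing instead of passing the raw string to the deprecated `Jwts.parser().setSigningKey(String)`. Separately, `validateToken` throws a bare `RuntimeException` for any expired or malformed token; because `TokenAuthFilter` calls it on every request, a stale `Authorization` header turns even the `permitAll` paths into a server error, so it should return `false` and let the authorization rules reject the request. `generateToken` could also take its timestamps from `Instant.now()` rather than `LocalDateTime` plus `ZoneId.systemDefault()`.

```java
    // Key material comes from configuration; the property name below is a placeholder.
    private final SecretKey key;

    public JwtAuthTokenProvider(@Value("${PLACEHOLDER_JWT_SECRET_PROPERTY}") String base64Secret) {
        this.key = Keys.hmacShaKeyFor(Decoders.BASE64.decode(base64Secret));
    }

    // … unchanged: publishToken, parseToken; generateToken signs with this.key …

    public Long getUserId(String token) {
        Claims claims = Jwts.parserBuilder()
                .setSigningKey(key)
                .build()
                .parseClaimsJws(token)
                .getBody();
        return Long.parseLong(claims.getSubject());
    }

    public boolean validateToken(String token) {
        if (token == null || token.isEmpty()) {
            return false;
        }
        try {
            Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(token);
            return true;
        } catch (JwtException | IllegalArgumentException e) {
            // Expired, tampered or malformed token: treat the request as unauthenticated.
            return false;
        }
    }
```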
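Review bot: `onAuthenticationSuccess` in `LoginSuccessHandler` is left doing nothing except `request.getSession()`, which creates a server-side session that nothing reads and leaves the response untouched. The same commit removes `.successHandler(new LoginSuccessHandler())` from `SecurityConfiguration`, so the class appears to be unreferenced; deleting the file is cleaner than keeping a handler that allocates a session in a token-based flow.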
@@ -20,28 +25,19 @@ public PasswordEncoder getPasswordEncoder() { @Override protected void configure(HttpSecurity http) throws Exception { http - .cors().disable() // cors 비활성화 - .csrf().disable() // csrf 비활성화 - .authorizeRequests() - .antMatchers("/login", "/signUp") + .cors().disable() // cors 비활성화 + .csrf().disable() // csrf 비활성화 + .authorizeRequests() + .antMatchers("/user/**", "/postlist/**") .permitAll() - .anyRequest() - .authenticated() - .and() - .formLogin() - .loginPage("/login") - .loginProcessingUrl("/signIn") - .usernameParameter("email") - .passwordParameter("password") - .successHandler(new LoginSuccessHandler()) - .and() - .logout() - .logoutUrl("/logout") - .logoutSuccessUrl("/login"); + .anyRequest() + .authenticated(); + + http.addFilterBefore(tokenAuthFilter(), UsernamePasswordAuthenticationFilter.class); } - @Override - public void configure(WebSecurity web) throws Exception { - web.ignoring().antMatchers("/postlist/**"); + @Bean + public TokenAuthFilter tokenAuthFilter() { + return new TokenAuthFilter(); } } diff --git a/src/main/java/com/devin/dev/security/TokenAuthFilter.java b/src/main/java/com/devin/dev/security/TokenAuthFilter.java new file mode 100644 index 0000000..40ab49e --- /dev/null +++ b/src/main/java/com/devin/dev/security/TokenAuthFilter.java 
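Review bot: `antMatchers("/user/**", "/postlist/**")` repeats the literals instead of using the `PUBLIC_URI` array added earlier in this file, and the `/user/**` wildcard makes every future endpoint under `/user` unauthenticated by default. This commit only exposes `/user/login` and `/user/join`, so list those explicitly, e.g. `private static final String[] PUBLIC_URI = {"/user/login", "/user/join", "/postlist/**"};` with `.antMatchers(PUBLIC_URI)`. Since authentication now comes from the bearer token, also add `.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)` so no HTTP session is created alongside it. `cors().disable()` switches off Spring Security's CORS handling rather than relaxing it; if browser clients on another origin are expected, that needs an explicit CORS configuration instead.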
@@ -0,0 +1,45 @@
+package com.devin.dev.security;
+
+import com.devin.dev.entity.user.User;
+import com.devin.dev.service.UserService;
+import lombok.RequiredArgsConstructor;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class TokenAuthFilter extends OncePerRequestFilter {
+
+ @Autowired
+ private JwtAuthTokenProvider tokenProvider;
+
+ @Autowired
+ private UserService userService;
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+ throws ServletException, IOException {
+ String token = tokenProvider.parseToken(request);
+ if (tokenProvider.validateToken(token)) {
+ Long userId = tokenProvider.getUserId(token);
+ try {
+ User user = userService.findUserById(userId);
+ UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(user.getName(), user.getPassword());
+ authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ } catch (UsernameNotFoundException e) {
+ throw new RuntimeException();
+ }
+ }
+ filterChain.doFilter(request, response);
+ }
+}
diff --git a/src/main/java/com/devin/dev/service/UserService.java b/src/main/java/com/devin/dev/service/UserService.java
index a1a8bc1..fa0595c 100644
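Review bot: In `doFilterInternal` the authentication is built with the two-argument `UsernamePasswordAuthenticationToken(user.getName(), user.getPassword())`, which Spring Security treats as not yet authenticated and which places the stored password hash in the security context as credentials. Use the three-argument constructor with `null` credentials and the user's authorities so the token is marked authenticated and carries no secret. `UserService.findUserById`, added in this commit, returns `null` for an unknown id and never throws `UsernameNotFoundException`, so a valid token for a deleted account ends in a `NullPointerException` at `user.getName()` and the `catch` is unreachable; check for `null` and continue unauthenticated. Whether accounts whose `UserStatus` is not `ACTIVE` should be rejected here cannot be told from the hunk and is worth confirming.

```java
        if (tokenProvider.validateToken(token)) {
            Long userId = tokenProvider.getUserId(token);
            User user = userService.findUserById(userId);
            if (user != null) {
                // Three-argument constructor marks the token authenticated; no credentials are kept.
                UsernamePasswordAuthenticationToken authentication =
                        new UsernamePasswordAuthenticationToken(user.getName(), null, java.util.Collections.emptyList());
                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
                SecurityContextHolder.getContext().setAuthentication(authentication);
            }
        }
        // … unchanged: filterChain.doFilter(request, response) …
```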
--- a/src/main/java/com/devin/dev/service/UserService.java +++ b/src/main/java/com/devin/dev/service/UserService.java @@ -1,14 +1,19 @@ package com.devin.dev.service; import com.devin.dev.dto.user.UserDetailsDto; +import com.devin.dev.dto.user.UserLoginRequestDto; +import com.devin.dev.dto.user.UserLoginResponseDto; import com.devin.dev.dto.user.UserSimpleDto; import com.devin.dev.entity.user.User; import com.devin.dev.entity.user.UserStatus; import com.devin.dev.model.DefaultResponse; import com.devin.dev.repository.user.UserRepository; +import com.devin.dev.security.JwtAuthToken; +import com.devin.dev.security.JwtAuthTokenProvider; import com.devin.dev.utils.ResponseMessage; import com.devin.dev.utils.StatusCode; import lombok.RequiredArgsConstructor; +import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -20,21 +25,21 @@ public class UserService { private final PasswordEncoder passwordEncoder; - + private final JwtAuthTokenProvider jwtAuthTokenProvider; private final UserRepository userRepository; @Transactional public DefaultResponse signUp(UserSimpleDto userDto) { // 엔티티 조회 - Optional foundUser = userRepository.findByEmailEquals(userDto.getEmail()); + Optional foundUser = userRepository.findByEmailEquals(userDto.getUserEmail()); if (foundUser.isPresent()) { return new DefaultResponse<>(StatusCode.BAD_REQUEST, ResponseMessage.EXIST_USER_EMAIL); } // 비밀번호 암호화 - String password = userDto.getPassword(); + String password = userDto.getUserPassword(); String encodePassword = passwordEncoder.encode(password); - userDto.setPassword(encodePassword); + userDto.setUserPassword(encodePassword); // 엔티티 생성 후 저장 User user = new User(userDto); 
@@ -48,14 +53,14 @@ public DefaultResponse signUp(UserSimpleDto userDto) { @Transactional(readOnly = true) public DefaultResponse signIn(UserSimpleDto userDto) { // DTO email 로 조회 - Optional userOptional = userRepository.findUserDetailsByEmail(userDto.getEmail()); + Optional userOptional = userRepository.findUserDetailsByEmail(userDto.getUserEmail()); if (userOptional.isEmpty()) { return new DefaultResponse<>(StatusCode.BAD_REQUEST, ResponseMessage.NOT_FOUND_EMAIL); } UserDetailsDto userDetailsDto = userOptional.get(); // 비밀번호 체크 - boolean passwordCheck = passwordEncoder.matches(userDto.getPassword(), userDetailsDto.getPassword()); + boolean passwordCheck = passwordEncoder.matches(userDto.getUserPassword(), userDetailsDto.getPassword()); if (!passwordCheck) { return new DefaultResponse<>(StatusCode.BAD_REQUEST, ResponseMessage.INCORRECT_PASSWORD); } @@ -71,14 +76,14 @@ public DefaultResponse signIn(UserSimpleDto userDto) { @Transactional public DefaultResponse changeStatus(UserSimpleDto userDto, UserStatus userStatus) { // 엔티티 조회 - Optional userOptional = userRepository.findByEmailEquals(userDto.getEmail()); + Optional userOptional = userRepository.findByEmailEquals(userDto.getUserEmail()); if (userOptional.isEmpty()) { return new DefaultResponse<>(StatusCode.BAD_REQUEST, ResponseMessage.NOT_FOUND_USER); } User user = userOptional.get(); // 비밀번호 체크 - boolean passwordCheck = passwordEncoder.matches(userDto.getPassword(), user.getPassword()); + boolean passwordCheck = passwordEncoder.matches(userDto.getUserPassword(), user.getPassword()); if (!passwordCheck) { return new DefaultResponse<>(StatusCode.BAD_REQUEST, ResponseMessage.INCORRECT_PASSWORD); } 
@@ -91,4 +96,33 @@ public DefaultResponse changeStatus(UserSimpleDto userDto, UserS return new DefaultResponse<>(StatusCode.BAD_REQUEST, ResponseMessage.CHANGE_USER_STATUS, userDetailsDto); } + @Transactional + public User findUserById(Long userId) { + Optional findUser = userRepository.findById(userId); + if(findUser.isPresent()) { + return findUser.get(); + } + return null; + } + + @Transactional + public DefaultResponse join(UserSimpleDto userSimpleDto) { + userSimpleDto.setUserPassword(passwordEncoder.encode(userSimpleDto.getUserPassword())); + User user = userRepository.save(new User(userSimpleDto)); + return new DefaultResponse<>(StatusCode.CREATED, ResponseMessage.CREATED_USER, user.getId()); + } + + @Transactional + public DefaultResponse login(UserLoginRequestDto userLoginRequestDto) { + String email = userLoginRequestDto.getUserEmail(); + String password = userLoginRequestDto.getUserPassword(); + User user = userRepository.findByEmailEquals(email) + .orElseThrow(() -> new RuntimeException()); + if (!passwordEncoder.matches(password, user.getPassword())) { + throw new BadCredentialsException("Password not matched"); + } + JwtAuthToken token = jwtAuthTokenProvider.publishToken(user.getId()); + UserLoginResponseDto responseDto = new UserLoginResponseDto(user, token); + return new DefaultResponse<>(StatusCode.OK, ResponseMessage.LOGIN_SUCCESS, responseDto); + } } diff --git a/src/test/java/com/devin/dev/service/UserServiceTest.java b/src/test/java/com/devin/dev/service/UserServiceTest.java index d1e468b..7e6c8d5 100644 --- a/src/test/java/com/devin/dev/service/UserServiceTest.java +++ b/src/test/java/com/devin/dev/service/UserServiceTest.java 
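Review bot: `login` fails differently for an unknown e-mail (bare `RuntimeException`) and for a wrong password (`BadCredentialsException`), so the response, depending on how these exceptions are mapped, can tell a caller which addresses are registered; both cases should raise the same exception with the same message. `join` saves the user without the `findByEmailEquals` duplicate check that `signUp` performs, so a second registration with an existing e-mail either creates a duplicate row or surfaces a database error, depending on constraints not visible here. `findUserById` returns `null` instead of an `Optional`, and as a pure lookup it could be `@Transactional(readOnly = true)` like `signIn`. The enclosing class starts outside the hunk.

```java
    @Transactional
    public DefaultResponse join(UserSimpleDto userSimpleDto) {
        // Same uniqueness rule as signUp.
        if (userRepository.findByEmailEquals(userSimpleDto.getUserEmail()).isPresent()) {
            return new DefaultResponse<>(StatusCode.BAD_REQUEST, ResponseMessage.EXIST_USER_EMAIL);
        }
        // … unchanged: encode password, save, return CREATED …
    }

    @Transactional
    public DefaultResponse login(UserLoginRequestDto userLoginRequestDto) {
        // … unchanged: read email and password from the DTO …
        // One failure for both cases so the response does not reveal which e-mails exist.
        User user = userRepository.findByEmailEquals(email)
                .orElseThrow(() -> new BadCredentialsException("Invalid email or password"));
        if (!passwordEncoder.matches(password, user.getPassword())) {
            throw new BadCredentialsException("Invalid email or password");
        }
        // … unchanged: publish token, build response …
    }
```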
@@ -10,7 +10,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.test.annotation.Rollback; import org.springframework.transaction.annotation.Transactional; import javax.persistence.EntityManager; @@ -88,7 +87,7 @@ void signInSucceed() { em.flush(); // 암호화 하기 전 패스워드로 변경 - userDto.setPassword("passA"); + userDto.setUserPassword("passA"); // 조회 DefaultResponse response = userService.signIn(userDto); @@ -109,8 +108,8 @@ void signInFailedWrongEmail() { em.flush(); // 틀린 이메일 - userDto.setEmail("aa@b.com"); - userDto.setPassword("passA"); + userDto.setUserEmail("aa@b.com"); + userDto.setUserPassword("passA"); // 조회 DefaultResponse response = userService.signIn(userDto); @@ -130,7 +129,7 @@ void signInFailedWrongPassword() { em.flush(); // 틀린 패스워드 - userDto.setPassword("paddmvjdj"); + userDto.setUserPassword("paddmvjdj"); // 조회 DefaultResponse response = userService.signIn(userDto);