generated from pricelees/issue-pr-template
refactor: AuthController 코틀린 전환
- API Docs 관련 정보를 담고 있는 AuthAPI 추가 및 구현 - CookieUtils를 사용하여 불필요한 컨트롤러 로직 제거
This commit is contained in:
parent
fb3b28e8cd
commit
13b0de16e9
67
src/main/java/roomescape/system/auth/web/AuthAPI.kt
Normal file
67
src/main/java/roomescape/system/auth/web/AuthAPI.kt
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
package roomescape.system.auth.web
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.annotations.Operation
|
||||||
|
import io.swagger.v3.oas.annotations.Parameter
|
||||||
|
import io.swagger.v3.oas.annotations.media.Content
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema
|
||||||
|
import io.swagger.v3.oas.annotations.responses.ApiResponse
|
||||||
|
import io.swagger.v3.oas.annotations.responses.ApiResponses
|
||||||
|
import io.swagger.v3.oas.annotations.tags.Tag
|
||||||
|
import jakarta.servlet.http.HttpServletRequest
|
||||||
|
import jakarta.servlet.http.HttpServletResponse
|
||||||
|
import jakarta.validation.Valid
|
||||||
|
import org.springframework.http.HttpStatus
|
||||||
|
import org.springframework.web.bind.annotation.RequestBody
|
||||||
|
import org.springframework.web.bind.annotation.ResponseStatus
|
||||||
|
import roomescape.system.auth.web.support.LoginRequired
|
||||||
|
import roomescape.system.auth.web.support.MemberId
|
||||||
|
import roomescape.system.dto.response.ErrorResponse
|
||||||
|
import roomescape.system.dto.response.RoomEscapeApiResponse
|
||||||
|
|
||||||
|
@Tag(name = "1. 인증 / 인가 API", description = "로그인, 로그아웃 및 로그인 상태를 확인합니다")
|
||||||
|
interface AuthAPI {
|
||||||
|
|
||||||
|
@ResponseStatus(HttpStatus.OK)
|
||||||
|
@Operation(summary = "로그인")
|
||||||
|
@ApiResponses(
|
||||||
|
ApiResponse(
|
||||||
|
responseCode = "200",
|
||||||
|
description = "로그인 성공시 쿠키에 토큰 정보를 저장합니다."
|
||||||
|
),
|
||||||
|
ApiResponse(
|
||||||
|
responseCode = "400",
|
||||||
|
description = "존재하지 않는 회원이거나, 이메일 또는 비밀번호가 잘못 입력되었습니다.",
|
||||||
|
content = [Content(schema = Schema(implementation = ErrorResponse::class))]
|
||||||
|
)
|
||||||
|
)
|
||||||
|
fun login(
|
||||||
|
@Valid @RequestBody loginRequest: LoginRequest,
|
||||||
|
response: HttpServletResponse
|
||||||
|
): RoomEscapeApiResponse<Void>
|
||||||
|
|
||||||
|
@ResponseStatus(HttpStatus.OK)
|
||||||
|
@Operation(summary = "로그인 상태 확인")
|
||||||
|
@ApiResponses(
|
||||||
|
ApiResponse(
|
||||||
|
responseCode = "200",
|
||||||
|
description = "로그인 상태이며, 로그인된 회원의 이름을 반환합니다."
|
||||||
|
),
|
||||||
|
ApiResponse(
|
||||||
|
responseCode = "400",
|
||||||
|
description = "쿠키에 있는 토큰 정보로 회원을 조회할 수 없습니다.",
|
||||||
|
content = [Content(schema = Schema(implementation = ErrorResponse::class))]
|
||||||
|
),
|
||||||
|
ApiResponse(
|
||||||
|
responseCode = "401",
|
||||||
|
description = "토큰 정보가 없거나, 만료되었습니다.",
|
||||||
|
content = [Content(schema = Schema(implementation = ErrorResponse::class))]
|
||||||
|
)
|
||||||
|
)
|
||||||
|
fun checkLogin(@MemberId @Parameter(hidden = true) memberId: Long): RoomEscapeApiResponse<LoginCheckResponse>
|
||||||
|
|
||||||
|
@LoginRequired
|
||||||
|
@ResponseStatus(HttpStatus.OK)
|
||||||
|
@Operation(summary = "로그아웃", tags = ["로그인이 필요한 API"])
|
||||||
|
@ApiResponses(ApiResponse(responseCode = "200", description = "로그아웃 성공시 쿠키에 저장된 토큰 정보를 삭제합니다."))
|
||||||
|
fun logout(request: HttpServletRequest, response: HttpServletResponse): RoomEscapeApiResponse<Void>
|
||||||
|
}
|
||||||
@ -1,100 +1,54 @@
|
|||||||
package roomescape.system.auth.web;
|
package roomescape.system.auth.web
|
||||||
|
|
||||||
import org.springframework.http.HttpStatus;
|
import io.swagger.v3.oas.annotations.Parameter
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import jakarta.servlet.http.Cookie
|
||||||
import org.springframework.web.bind.annotation.PostMapping;
|
import jakarta.servlet.http.HttpServletRequest
|
||||||
import org.springframework.web.bind.annotation.RequestBody;
|
import jakarta.servlet.http.HttpServletResponse
|
||||||
import org.springframework.web.bind.annotation.ResponseStatus;
|
import jakarta.validation.Valid
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.GetMapping
|
||||||
|
import org.springframework.web.bind.annotation.PostMapping
|
||||||
import io.swagger.v3.oas.annotations.Operation;
|
import org.springframework.web.bind.annotation.RequestBody
|
||||||
import io.swagger.v3.oas.annotations.Parameter;
|
import org.springframework.web.bind.annotation.RestController
|
||||||
import io.swagger.v3.oas.annotations.media.Content;
|
import roomescape.system.auth.service.AuthService
|
||||||
import io.swagger.v3.oas.annotations.media.Schema;
|
import roomescape.system.auth.web.support.*
|
||||||
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
import roomescape.system.dto.response.RoomEscapeApiResponse
|
||||||
import io.swagger.v3.oas.annotations.responses.ApiResponses;
|
|
||||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
|
||||||
import jakarta.servlet.http.Cookie;
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
|
||||||
import jakarta.validation.Valid;
|
|
||||||
import roomescape.system.auth.web.support.LoginRequired;
|
|
||||||
import roomescape.system.auth.web.support.MemberId;
|
|
||||||
import roomescape.system.auth.infrastructure.jwt.TokenDto;
|
|
||||||
import roomescape.system.auth.service.AuthService;
|
|
||||||
import roomescape.system.dto.response.ErrorResponse;
|
|
||||||
import roomescape.system.dto.response.RoomEscapeApiResponse;
|
|
||||||
|
|
||||||
@RestController
|
@RestController
|
||||||
@Tag(name = "1. 인증 / 인가 API", description = "로그인, 로그아웃 및 로그인 상태를 확인합니다")
|
class AuthController(
|
||||||
public class AuthController {
|
private val authService: AuthService
|
||||||
|
) : AuthAPI {
|
||||||
private final AuthService authService;
|
|
||||||
|
|
||||||
public AuthController(AuthService authService) {
|
|
||||||
this.authService = authService;
|
|
||||||
}
|
|
||||||
|
|
||||||
@PostMapping("/login")
|
@PostMapping("/login")
|
||||||
@ResponseStatus(HttpStatus.OK)
|
override fun login(
|
||||||
@Operation(summary = "로그인")
|
@Valid @RequestBody loginRequest: LoginRequest,
|
||||||
@ApiResponses({
|
response: HttpServletResponse
|
||||||
@ApiResponse(responseCode = "200", description = "로그인 성공시 쿠키에 토큰 정보를 저장합니다."),
|
): RoomEscapeApiResponse<Void> {
|
||||||
@ApiResponse(responseCode = "400", description = "존재하지 않는 회원이거나, 이메일 또는 비밀번호가 잘못 입력되었습니다.",
|
val accessToken: TokenResponse = authService.login(loginRequest)
|
||||||
content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
|
val cookie: Cookie = accessToken.toCookie()
|
||||||
})
|
|
||||||
public RoomEscapeApiResponse<Void> login(
|
response.addAccessTokenCookie(cookie)
|
||||||
@Valid @RequestBody LoginRequest loginRequest,
|
|
||||||
HttpServletResponse response
|
return RoomEscapeApiResponse.success()
|
||||||
) {
|
|
||||||
TokenDto tokenInfo = authService.login(loginRequest);
|
|
||||||
addCookieToResponse(new Cookie("accessToken", tokenInfo.accessToken()), response);
|
|
||||||
return RoomEscapeApiResponse.success();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/login/check")
|
@GetMapping("/login/check")
|
||||||
@ResponseStatus(HttpStatus.OK)
|
override fun checkLogin(
|
||||||
@Operation(summary = "로그인 상태 확인")
|
@MemberId @Parameter(hidden = true) memberId: Long
|
||||||
@ApiResponses({
|
): RoomEscapeApiResponse<LoginCheckResponse> {
|
||||||
@ApiResponse(responseCode = "200", description = "로그인 상태이며, 로그인된 회원의 이름을 반환합니다."),
|
val response = authService.checkLogin(memberId)
|
||||||
@ApiResponse(responseCode = "400", description = "쿠키에 있는 토큰 정보로 회원을 조회할 수 없습니다.",
|
|
||||||
content = @Content(schema = @Schema(implementation = ErrorResponse.class))),
|
return RoomEscapeApiResponse.success(response)
|
||||||
})
|
|
||||||
public RoomEscapeApiResponse<LoginCheckResponse> checkLogin(@MemberId @Parameter(hidden = true) Long memberId) {
|
|
||||||
LoginCheckResponse response = authService.checkLogin(memberId);
|
|
||||||
return RoomEscapeApiResponse.success(response);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@LoginRequired
|
|
||||||
@PostMapping("/logout")
|
@PostMapping("/logout")
|
||||||
@ResponseStatus(HttpStatus.OK)
|
override fun logout(
|
||||||
@Operation(summary = "로그아웃", tags = "로그인이 필요한 API")
|
request: HttpServletRequest,
|
||||||
@ApiResponses({
|
response: HttpServletResponse
|
||||||
@ApiResponse(responseCode = "200", description = "로그아웃 성공시 쿠키에 저장된 토큰 정보를 삭제합니다.")
|
): RoomEscapeApiResponse<Void> {
|
||||||
})
|
val cookie: Cookie = request.accessTokenCookie()
|
||||||
public RoomEscapeApiResponse<Void> logout(
|
cookie.expire()
|
||||||
HttpServletRequest request,
|
response.addAccessTokenCookie(cookie)
|
||||||
HttpServletResponse response
|
|
||||||
) {
|
|
||||||
Cookie cookie = getTokenCookie(request);
|
|
||||||
cookie.setValue(null);
|
|
||||||
cookie.setMaxAge(0);
|
|
||||||
addCookieToResponse(cookie, response);
|
|
||||||
return RoomEscapeApiResponse.success();
|
|
||||||
}
|
|
||||||
|
|
||||||
private Cookie getTokenCookie(HttpServletRequest request) {
|
return RoomEscapeApiResponse.success()
|
||||||
for (Cookie cookie : request.getCookies()) {
|
|
||||||
if (cookie.getName().equals("accessToken")) {
|
|
||||||
return cookie;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return new Cookie("accessToken", null);
|
|
||||||
}
|
|
||||||
|
|
||||||
private void addCookieToResponse(Cookie cookie, HttpServletResponse response) {
|
|
||||||
cookie.setHttpOnly(true);
|
|
||||||
|
|
||||||
response.addCookie(cookie);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user