From 61ac2f15bf20f501b1cc29d879e439d020b79930 Mon Sep 17 00:00:00 2001
From: pricelees
Date: Sun, 13 Jul 2025 20:46:37 +0900
Subject: [PATCH] =?UTF-8?q?refactor:=20=EC=9D=B8=ED=84=B0=EC=85=89?= =?UTF-8?q?=ED=84=B0=20=EC=BD=94=ED=8B=80=EB=A6=B0=20=EC=A0=84=ED=99=98=20?= =?UTF-8?q?=EB=B0=8F=20=ED=81=B4=EB=9E=98=EC=8A=A4=20=ED=86=B5=ED=95=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../auth/web/support/AdminInterceptor.java | 85 ------------------
.../auth/web/support/AuthInterceptors.kt | 90 +++++++++++++++++++
.../auth/web/support/LoginInterceptor.java | 78 ----------------
3 files changed, 90 insertions(+), 163 deletions(-)
delete mode 100644 src/main/java/roomescape/system/auth/web/support/AdminInterceptor.java
create mode 100644 src/main/java/roomescape/system/auth/web/support/AuthInterceptors.kt
delete mode 100644 src/main/java/roomescape/system/auth/web/support/LoginInterceptor.java
diff --git a/src/main/java/roomescape/system/auth/web/support/AdminInterceptor.java b/src/main/java/roomescape/system/auth/web/support/AdminInterceptor.java
deleted file mode 100644
index 6fc60e79..00000000
--- a/src/main/java/roomescape/system/auth/web/support/AdminInterceptor.java
+++ /dev/null
@@ -1,85 +0,0 @@
-package roomescape.system.auth.web.support;
-
-import java.util.Arrays;
-
-import org.springframework.http.HttpStatus;
-import org.springframework.stereotype.Component;
-import org.springframework.web.method.HandlerMethod;
-import org.springframework.web.servlet.HandlerInterceptor;
-
-import jakarta.servlet.http.Cookie;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import roomescape.member.business.MemberService;
-import roomescape.member.infrastructure.persistence.Member;
-import roomescape.system.auth.infrastructure.jwt.JwtHandler;
-import roomescape.system.exception.ErrorType;
-import roomescape.system.exception.RoomEscapeException;
-
-@Component
-public class AdminInterceptor implements HandlerInterceptor {
-
- private static final String ACCESS_TOKEN_COOKIE_NAME = "accessToken";
- private final MemberService memberService;
- private final JwtHandler jwtHandler;
-
- public AdminInterceptor(MemberService memberService, JwtHandler jwtHandler) {
- this.memberService = memberService;
- this.jwtHandler = jwtHandler;
- }
-
- @Override
- public boolean preHandle(
- HttpServletRequest request,
- HttpServletResponse response,
- Object handler
- )
- throws Exception {
- if (isHandlerIrrelevantWithAdmin(handler)) {
- return true;
- }
-
- Member member;
- try {
- Cookie token = getToken(request);
- Long memberId = jwtHandler.getMemberIdFromToken(token.getValue());
- member = memberService.findById(memberId);
- } catch (RoomEscapeException e) {
- response.sendRedirect("/login");
- throw e;
- }
-
- if (member.isAdmin()) {
- return true;
- } else {
- response.sendRedirect("/login");
- throw new RoomEscapeException(ErrorType.PERMISSION_DOES_NOT_EXIST,
- String.format("[memberId: %d, Role: %s]", member.getId(), member.getRole()), HttpStatus.FORBIDDEN);
- }
- }
-
- private Cookie getToken(HttpServletRequest request) {
- validateCookieHeader(request);
-
- Cookie[] cookies = request.getCookies();
- return Arrays.stream(cookies)
- .filter(cookie -> cookie.getName().equals(ACCESS_TOKEN_COOKIE_NAME))
- .findAny()
- .orElseThrow(() -> new RoomEscapeException(ErrorType.INVALID_TOKEN, HttpStatus.UNAUTHORIZED));
- }
-
- private void validateCookieHeader(HttpServletRequest request) {
- String cookieHeader = request.getHeader("Cookie");
- if (cookieHeader == null) {
- throw new RoomEscapeException(ErrorType.NOT_EXIST_COOKIE, HttpStatus.UNAUTHORIZED);
- }
- }
-
- private boolean isHandlerIrrelevantWithAdmin(Object handler) {
- if (!(handler instanceof HandlerMethod handlerMethod)) {
- return true;
- }
- Admin adminAnnotation = handlerMethod.getMethodAnnotation(Admin.class);
- return adminAnnotation == null;
- }
-}
diff --git a/src/main/java/roomescape/system/auth/web/support/AuthInterceptors.kt b/src/main/java/roomescape/system/auth/web/support/AuthInterceptors.kt
new file mode 100644
index 00000000..7ef82712
--- /dev/null
+++ b/src/main/java/roomescape/system/auth/web/support/AuthInterceptors.kt
@@ -0,0 +1,90 @@
+package roomescape.system.auth.web.support
+
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.springframework.http.HttpStatus
+import org.springframework.stereotype.Component
+import org.springframework.web.method.HandlerMethod
+import org.springframework.web.servlet.HandlerInterceptor
+import roomescape.member.business.MemberService
+import roomescape.member.infrastructure.persistence.Member
+import roomescape.system.auth.infrastructure.jwt.JwtHandler
+import roomescape.system.exception.ErrorType
+import roomescape.system.exception.RoomEscapeException
+
+private fun Any.isIrrelevantWith(annotationType: Class): Boolean {
+ if (this !is HandlerMethod) {
+ return true
+ }
+ return !this.hasMethodAnnotation(annotationType)
+}
+
+@Component
+class LoginInterceptor(
+ private val memberService: MemberService,
+ private val jwtHandler: JwtHandler
+) : HandlerInterceptor {
+
+ @Throws(Exception::class)
+ override fun preHandle(
+ request: HttpServletRequest,
+ response: HttpServletResponse,
+ handler: Any
+ ): Boolean {
+ if (handler.isIrrelevantWith(LoginRequired::class.java)) {
+ return true
+ }
+
+ try {
+ val token: String? = request.accessTokenCookie().value
+ val memberId: Long = jwtHandler.getMemberIdFromToken(token)
+
+ return memberService.existsById(memberId)
+ } catch (e: RoomEscapeException) {
+ response.sendRedirect("/login")
+ throw RoomEscapeException(ErrorType.LOGIN_REQUIRED, HttpStatus.FORBIDDEN)
+ }
+ }
+}
+
+@Component
+class AdminInterceptor(
+ private val memberService: MemberService,
+ private val jwtHandler: JwtHandler
+) : HandlerInterceptor {
+
+ @Throws(Exception::class)
+ override fun preHandle(
+ request: HttpServletRequest,
+ response: HttpServletResponse,
+ handler: Any
+ ): Boolean {
+ if (handler.isIrrelevantWith(Admin::class.java)) {
+ return true
+ }
+
+ val member: Member?
+
+ try {
+ val token: String? = request.accessTokenCookie().value
+ val memberId: Long = jwtHandler.getMemberIdFromToken(token)
+ member = memberService.findById(memberId)
+ } catch (e: RoomEscapeException) {
+ response.sendRedirect("/login")
+ throw e
+ }
+
+ with(member) {
+ if (this.isAdmin()) {
+ return true
+ }
+
+ response.sendRedirect("/login")
+ throw RoomEscapeException(
+ ErrorType.PERMISSION_DOES_NOT_EXIST,
+ String.format("[memberId: %d, Role: %s]", this.id, this.role),
+ HttpStatus.FORBIDDEN
+ )
+ }
+ }
+}
diff --git a/src/main/java/roomescape/system/auth/web/support/LoginInterceptor.java b/src/main/java/roomescape/system/auth/web/support/LoginInterceptor.java
deleted file mode 100644
index eed33819..00000000
--- a/src/main/java/roomescape/system/auth/web/support/LoginInterceptor.java
+++ /dev/null
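Review bot: In `LoginInterceptor.preHandle`, `return memberService.existsById(memberId)` returns false for a validly signed token whose member no longer exists, and nothing has been written to the response on that path, so the request is dropped without the `/login` redirect and `LOGIN_REQUIRED` error that every other failure produces. The removed Java called `findById`, which presumably throws `RoomEscapeException` for an unknown id (the catch around it in `AdminInterceptor` suggests so), so this looks like a behaviour change rather than a pure port. Inside the `try`, I would write `if (!memberService.existsById(memberId)) throw RoomEscapeException(ErrorType.LOGIN_REQUIRED, HttpStatus.FORBIDDEN)` followed by `return true`, so the existing catch handles it. Separately, `request.accessTokenCookie()` is not defined in this hunk: please confirm it still raises `RoomEscapeException` for a missing Cookie header and a missing `accessToken` cookie, as the removed `getToken`/`validateCookieHeader` did, because both interceptors catch only that type.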
@@ -1,78 +0,0 @@
-package roomescape.system.auth.web.support;
-
-import java.util.Arrays;
-
-import org.springframework.http.HttpStatus;
-import org.springframework.stereotype.Component;
-import org.springframework.web.method.HandlerMethod;
-import org.springframework.web.servlet.HandlerInterceptor;
-
-import jakarta.servlet.http.Cookie;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import roomescape.member.business.MemberService;
-import roomescape.member.infrastructure.persistence.Member;
-import roomescape.system.auth.infrastructure.jwt.JwtHandler;
-import roomescape.system.exception.ErrorType;
-import roomescape.system.exception.RoomEscapeException;
-
-@Component
-public class LoginInterceptor implements HandlerInterceptor {
-
- private static final String ACCESS_TOKEN_COOKIE_NAME = "accessToken";
- private final MemberService memberService;
- private final JwtHandler jwtHandler;
-
- public LoginInterceptor(MemberService memberService, JwtHandler jwtHandler) {
- this.memberService = memberService;
- this.jwtHandler = jwtHandler;
- }
-
- @Override
- public boolean preHandle(
- HttpServletRequest request,
- HttpServletResponse response,
- Object handler
- )
- throws Exception {
- if (isHandlerIrrelevantWithLoginRequired(handler)) {
- return true;
- }
-
- Member member;
- try {
- Cookie token = getToken(request);
- Long memberId = jwtHandler.getMemberIdFromToken(token.getValue());
- member = memberService.findById(memberId);
- return member != null;
- } catch (RoomEscapeException e) {
- response.sendRedirect("/login");
- throw new RoomEscapeException(ErrorType.LOGIN_REQUIRED, HttpStatus.FORBIDDEN);
- }
- }
-
- private Cookie getToken(HttpServletRequest request) {
- validateCookieHeader(request);
-
- Cookie[] cookies = request.getCookies();
- return Arrays.stream(cookies)
- .filter(cookie -> cookie.getName().equals(ACCESS_TOKEN_COOKIE_NAME))
- .findAny()
- .orElseThrow(() -> new RoomEscapeException(ErrorType.INVALID_TOKEN, HttpStatus.UNAUTHORIZED));
- }
-
- private void validateCookieHeader(HttpServletRequest request) {
- String cookieHeader = request.getHeader("Cookie");
- if (cookieHeader == null) {
- throw new RoomEscapeException(ErrorType.NOT_EXIST_COOKIE, HttpStatus.UNAUTHORIZED);
- }
- }
-
- private boolean isHandlerIrrelevantWithLoginRequired(Object handler) {
- if (!(handler instanceof HandlerMethod handlerMethod)) {
- return true;
- }
- LoginRequired loginRequiredAnnotation = handlerMethod.getMethodAnnotation(LoginRequired.class);
- return loginRequiredAnnotation == null;
- }
-}
\ No newline at end of file