refactor: 회원 / 관리자 로그인시 jwt claim 수정

2025-09-14 21:13:22 +09:00 · 2025-09-14 21:13:22 +09:00 · a021ce8e73
commit a021ce8e73
parent 63251d67ea
1 changed files with 7 additions and 8 deletions
--- a/src/main/kotlin/roomescape/auth/business/AuthService.kt
+++ b/src/main/kotlin/roomescape/auth/business/AuthService.kt
@ -18,8 +18,9 @@ import roomescape.user.business.UserService
 private val log: KLogger = KotlinLogging.logger {}
 const val CLAIM_ADMIN_TYPE_KEY = "admin_type"
 const val CLAIM_PERMISSION_KEY = "permission"
-const val CLAIM_TYPE_KEY = "principal_type"
+const val CLAIM_STORE_ID_KEY = "store_id"
@Service
 class AuthService(
@ -34,7 +35,6 @@ class AuthService(
        context: LoginContext
    ): LoginSuccessResponse {
        log.info { "[AuthService.login] 로그인 시작: account=${request.account}, type=${request.principalType}, context=${context}" }
        val (credentials, extraClaims) = getCredentials(request)
        try {
@ -44,7 +44,7 @@ class AuthService(
            loginHistoryService.createSuccessHistory(credentials.id, request.principalType, context)
-            return LoginSuccessResponse(accessToken).also {
+            return credentials.toResponse(accessToken).also {
                log.info { "[AuthService.login] 로그인 완료: account=${request.account}, context=${context}" }
            }
@ -97,15 +97,14 @@ class AuthService(
        val credentials: LoginCredentials = when (request.principalType) {
            PrincipalType.ADMIN -> {
                adminService.findCredentialsByAccount(request.account).also {
-                    extraClaims.put(CLAIM_PERMISSION_KEY, it.permissionLevel)
+                    extraClaims.put(CLAIM_ADMIN_TYPE_KEY, it.type.name)
-                    extraClaims.put(CLAIM_TYPE_KEY, PrincipalType.ADMIN)
+                    extraClaims.put(CLAIM_PERMISSION_KEY, it.permissionLevel.name)
                    it.storeId?.also { storeId -> extraClaims.put(CLAIM_STORE_ID_KEY, storeId.toString()) }
                }
            }
            PrincipalType.USER -> {
-                userService.findCredentialsByAccount(request.account).also {
+                userService.findCredentialsByAccount(request.account)
                    extraClaims.put(CLAIM_TYPE_KEY, PrincipalType.USER)
                }
            }
        }