diff --git a/src/main/kotlin/roomescape/auth/business/AuthServiceV2.kt b/src/main/kotlin/roomescape/auth/business/AuthServiceV2.kt index 591ddb44..7fd04dfb 100644 --- a/src/main/kotlin/roomescape/auth/business/AuthServiceV2.kt +++ b/src/main/kotlin/roomescape/auth/business/AuthServiceV2.kt 
@@ -33,50 +33,34 @@ class AuthServiceV2( request: LoginRequestV2, context: LoginContext ): LoginSuccessResponse { - log.info { "[AuthService.login] 로그인 시작: account=${request.account}, type=${request.principalType}" } + log.info { "[AuthService.login] 로그인 시작: account=${request.account}, type=${request.principalType}, context=${context}" } - val extraClaims: MutableMap = mutableMapOf() - - val credentials: LoginCredentials = when (request.principalType) { - PrincipalType.ADMIN -> { - adminService.findCredentialsByAccount(request.account).also { - extraClaims.put(CLAIM_PERMISSION_KEY, it.permissionLevel) - extraClaims.put(CLAIM_TYPE_KEY, PrincipalType.ADMIN) - } - } - - PrincipalType.USER -> { - userService.findCredentialsByAccount(request.account).also { - extraClaims.put(CLAIM_TYPE_KEY, PrincipalType.USER) - } - } - } + val (credentials, extraClaims) = getCredentials(request) try { - if (credentials.password != request.password) { - log.info { "[AuthService.login] 비밀번호 불일치로 인한 로그인 실패: account = ${request.account}" } - throw AuthException(AuthErrorCode.LOGIN_FAILED) - } + verifyPasswordOrThrow(request, credentials) val accessToken = jwtUtils.createToken(subject = credentials.id.toString(), claims = extraClaims) - return LoginSuccessResponse(accessToken) - .also { - log.info { "[AuthService.login] 관리자 로그인 완료: account = ${request.account}, id=${credentials.id}" } - loginHistoryService.createSuccessHistory(credentials.id, PrincipalType.ADMIN, context) - } + + loginHistoryService.createSuccessHistory(credentials.id, request.principalType, context) + + return LoginSuccessResponse(accessToken).also { + log.info { "[AuthService.login] 로그인 완료: account=${request.account}, context=${context}" } + } + } catch (e: Exception) { - log.warn { "[AuthService.login] 관리자 로그인 실패: account = ${request.account}, message=${e.message}" } - loginHistoryService.createFailureHistory(credentials.id, PrincipalType.ADMIN, context) + loginHistoryService.createFailureHistory(credentials.id, 
request.principalType, context) - throw e - } - } + when (e) { + is AuthException -> { + log.info { "[AuthService.login] 로그인 실패: account = ${request.account}" } + throw e + } - @Transactional(readOnly = true) - fun checkLogin(context: CurrentUserContext): CurrentUserContext { - return findContextById(context.id, context.type).also { - if (it != context) { - throw AuthException(AuthErrorCode.MEMBER_NOT_FOUND) + else -> { + log.warn { "[AuthService.login] 로그인 실패: message=${e.message} account = ${request.account}" } + throw AuthException(AuthErrorCode.TEMPORARY_AUTH_ERROR) + } } } } @@ -97,4 +81,34 @@ class AuthServiceV2( log.info { "[AuthService.checkLogin] 로그인 확인 완료: id=${id}, type=${type}" } } } + + private fun verifyPasswordOrThrow( + request: LoginRequestV2, + credentials: LoginCredentials + ) { + if (credentials.password != request.password) { + log.info { "[AuthService.login] 비밀번호 불일치로 인한 로그인 실패: account = ${request.account}" } + throw AuthException(AuthErrorCode.LOGIN_FAILED) + } + } + + private fun getCredentials(request: LoginRequestV2): Pair> { + val extraClaims: MutableMap = mutableMapOf() + val credentials: LoginCredentials = when (request.principalType) { + PrincipalType.ADMIN -> { + adminService.findCredentialsByAccount(request.account).also { + extraClaims.put(CLAIM_PERMISSION_KEY, it.permissionLevel) + extraClaims.put(CLAIM_TYPE_KEY, PrincipalType.ADMIN) + } + } + + PrincipalType.USER -> { + userService.findCredentialsByAccount(request.account).also { + extraClaims.put(CLAIM_TYPE_KEY, PrincipalType.USER) + } + } + } + + return credentials to extraClaims + } }
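Review bot: In the `catch` block of `login`, `loginHistoryService.createFailureHistory(...)` runs unguarded before the `when`, so if the history write itself throws, that exception replaces the original and escapes without being mapped to `AuthException(AuthErrorCode.TEMPORARY_AUTH_ERROR)`. The same catch also records a failed login when the password was correct and only `jwtUtils.createToken` or `createSuccessHistory` failed, which skews any lockout or alerting built on the failure history. Consider writing the failure record only in the `is AuthException` branch and guarding it so a history-store error is logged rather than propagated. The `else` branch logs only `e.message`, so the stack trace is lost; if `log` is a kotlin-logging logger, `log.warn(e) { "[AuthService.login] 로그인 실패: account = ${request.account}" }` keeps it. `getCredentials(request)` sits outside the `try`, so an attempt against an unknown account presumably leaves no failure history at all; the start of `login` lies above the hunk.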
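Review bot: `verifyPasswordOrThrow` compares `credentials.password != request.password` directly, which only works if the stored credential is the plaintext password (or the client sends the stored form), and `!=` on strings is not a constant-time comparison. The refactor moves this check unchanged, but a helper dedicated to password verification is the natural place to fix it. Store a salted, slow hash and verify it through the hashing API, for example `passwordEncoder.matches(request.password, credentials.password)` if Spring Security's `PasswordEncoder` is available to this project. A short KDoc on the helper stating that it throws `AuthException(AuthErrorCode.LOGIN_FAILED)` on mismatch would also help callers.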