From 38d371acbb4a18b5c4d53d91aa1473ad4c03408a Mon Sep 17 00:00:00 2001
From: imscow11253
Date: Mon, 13 Jan 2025 06:01:15 +0900
Subject: [PATCH 1/2] =?UTF-8?q?chore=20:=20api=20swagger=20=EB=AA=85?= =?UTF-8?q?=EC=84=B8=20=EC=9E=91=EC=84=B1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../tohero/presentation/controller/AddressController.java | 2 ++
 .../tohero/presentation/controller/AuthController.java | 2 ++
 .../tohero/presentation/controller/LetterController.java | 5 +++++
 .../tohero/presentation/controller/NewsController.java | 2 ++
 4 files changed, 11 insertions(+)
diff --git a/src/main/java/com/neighbors/tohero/presentation/controller/AddressController.java b/src/main/java/com/neighbors/tohero/presentation/controller/AddressController.java
index 64bca9f..1f540a8 100644
--- a/src/main/java/com/neighbors/tohero/presentation/controller/AddressController.java
+++ b/src/main/java/com/neighbors/tohero/presentation/controller/AddressController.java
@@ -3,6 +3,7 @@
 import com.neighbors.tohero.application.address.dto.SearchAddressRequest;
 import com.neighbors.tohero.application.address.service.AddressService;
 import com.neighbors.tohero.application.baseResponse.BaseResponse;
+import io.swagger.v3.oas.annotations.Operation;
 import lombok.RequiredArgsConstructor;
 import org.springdoc.core.annotations.ParameterObject;
 import org.springframework.http.ResponseEntity;
@@ -18,6 +19,7 @@ public class AddressController {
 private final AddressService addressService;
+ @Operation(summary = "주소 API", description = "주소 조회를 위해 사용되는 API입니다. 경찰서 기준으로 검색하고 싶으면 TargetJob 부분에 POLICE_OFFICER, 소방서 기준으로 검색하고 싶으면 FIRE_FIGHTER 로 입력해주시면 됩니다.")
 @GetMapping("/address")
 public ResponseEntity searchAddress(@ParameterObject @Validated SearchAddressRequest searchAddressRequest) {
 return ResponseEntity.ok()
diff --git a/src/main/java/com/neighbors/tohero/presentation/controller/AuthController.java b/src/main/java/com/neighbors/tohero/presentation/controller/AuthController.java
index d7842d2..bdb2e97 100644
--- a/src/main/java/com/neighbors/tohero/presentation/controller/AuthController.java
+++ b/src/main/java/com/neighbors/tohero/presentation/controller/AuthController.java
@@ -2,6 +2,7 @@
 import com.neighbors.tohero.application.auth.service.AuthService;
 import com.neighbors.tohero.application.baseResponse.BaseResponse;
+import io.swagger.v3.oas.annotations.Operation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -16,6 +17,7 @@ public class AuthController {
 private final AuthService authService;
+ @Operation(summary = "JWT 토큰 API", description = "refresh 토큰으로 access 토큰을 재발급하는 API입니다.")
 @GetMapping("/auth/refreshToken")
 public ResponseEntity refreshAccessToken(@RequestParam String refreshToken) {
 return ResponseEntity.ok()
diff --git a/src/main/java/com/neighbors/tohero/presentation/controller/LetterController.java b/src/main/java/com/neighbors/tohero/presentation/controller/LetterController.java
index fa4a2ea..860317f 100644
--- a/src/main/java/com/neighbors/tohero/presentation/controller/LetterController.java
+++ b/src/main/java/com/neighbors/tohero/presentation/controller/LetterController.java
@@ -6,6 +6,7 @@
 import com.neighbors.tohero.application.letter.dto.UpdateLetterPublic;
 import com.neighbors.tohero.application.letter.service.LetterService;
 import com.neighbors.tohero.common.jwt.JwtUserDetails;
+import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import lombok.RequiredArgsConstructor;
 import org.springdoc.core.annotations.ParameterObject;
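Review bot: The `@Operation` added to `AuthController.refreshAccessToken` publishes a contract in which the refresh token is a `@RequestParam` on a GET (both visible in the context lines right under the annotation), so the credential travels in the URL, where access logs, proxies and browser history can record it. Before this becomes the documented API, consider taking the token in a request body or header, e.g. `@PostMapping("/auth/refreshToken")` with a `@RequestBody` DTO. If the GET form has to stay, the description should at least say that the URL carries a credential and must not be logged or shared. The method body continues outside the hunk.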
@@ -21,6 +22,7 @@ public class LetterController {
 private final LetterService letterService;
+ @Operation(summary = "편지 API", description = "편지를 생성하는 API입니다. content, isPublic은 필수 정보입니다. TargetJob, addressId, heroName은 사용자에게 입력받은 여부에 따라 json에 포함/미포함 할 수 있습니다. readingAlarm은 열람여부를 메시지로 받을지 여부이며, 로그인한 유저일 경우만 json에 포함시키면 됩니다. ")
 @PostMapping("")
 public ResponseEntity createLetter(
 @Parameter(hidden=true) @AuthenticationPrincipal JwtUserDetails jwtUserDetail,
@@ -30,18 +32,21 @@ public ResponseEntity createLetter(
 .body(letterService.createLetter(jwtUserDetail, createLetterRequest));
 }
+ @Operation(summary = "편지 API", description = "편지를 상세 조회하는 API입니다.")
 @GetMapping("/detail")
 public ResponseEntity getLetterDetail(@ParameterObject GetLetterDetailRequest getLetterDetailRequest){
 return ResponseEntity.ok()
 .body(letterService.getLetterDetail(getLetterDetailRequest));
 }
+ @Operation(summary = "편지 API", description = "내가 작성한 편지를 조회하는 API입니다. 로그인한 유저만 사용할 수 있습니다.")
 @GetMapping("")
 public ResponseEntity getMyLetters(@Parameter(hidden = true) @AuthenticationPrincipal JwtUserDetails jwtUserDetail){
 return ResponseEntity.ok()
 .body(letterService.getMyLetters(jwtUserDetail.getUserId()));
 }
+ @Operation(summary = "편지 API", description = "편지의 공개 여부를 수정하는 API입니다. 로그인한 유저만 사용할 수 있습니다.")
 @PutMapping("")
 public ResponseEntity updateLetterPublic(
 @Parameter(hidden = true) @AuthenticationPrincipal JwtUserDetails jwtUserDetail,
diff --git a/src/main/java/com/neighbors/tohero/presentation/controller/NewsController.java b/src/main/java/com/neighbors/tohero/presentation/controller/NewsController.java
index 26c0862..51f7a42 100644
--- a/src/main/java/com/neighbors/tohero/presentation/controller/NewsController.java
+++ b/src/main/java/com/neighbors/tohero/presentation/controller/NewsController.java
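Review bot: All four `@Operation` annotations added to LetterController (the one on `createLetter` here and the three in the `@@ -30,18 +32,21 @@` hunk) carry the same `summary = "편지 API"`, so the operations cannot be told apart in the generated list. `summary` should name the single operation, e.g. `summary = "편지 생성"` on `createLetter`, with the grouping moved to a class-level `@Tag`. The login requirement of `getMyLetters` and `updateLetterPublic` is stated only in the description text; if the project defines an OpenAPI security scheme (not visible here), `@SecurityRequirement(name = "<scheme-name>")` on those two would make the spec itself show which calls need a user token. `createLetter` and `updateLetterPublic` continue outside their hunks.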
@@ -2,6 +2,7 @@
 import com.neighbors.tohero.application.baseResponse.BaseResponse;
 import com.neighbors.tohero.application.news.service.NewsService;
+import io.swagger.v3.oas.annotations.Operation;
 import lombok.RequiredArgsConstructor;
 import org.springdoc.core.annotations.ParameterObject;
 import org.springframework.data.domain.Pageable;
@@ -18,6 +19,7 @@ public class NewsController {
 private final NewsService newsService;
+ @Operation(summary = "소식 API", description = "소식 모아보기 API입니다. 무한페이징입니다.")
 @GetMapping("")
 public ResponseEntity getPagedNews(@ParameterObject Pageable pageable){
 return ResponseEntity.ok()
From 5694df4258160057631ec8339ca48a928eb15f0e Mon Sep 17 00:00:00 2001
From: imscow11253
Date: Mon, 13 Jan 2025 06:23:16 +0900
Subject: [PATCH 2/2] =?UTF-8?q?hotfix=20:=20Guest=20API=20=EC=A0=91?= =?UTF-8?q?=EA=B7=BC=20=EC=A0=9C=ED=95=9C=20security=20=EB=A1=9C=EC=A7=81?= =?UTF-8?q?=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../tohero/common/ErrorResponseUtil.java | 2 +-
 .../common/security/AuthenticationUtil.java | 41 +++++++++++++++++--
 2 files changed, 38 insertions(+), 5 deletions(-)
diff --git a/src/main/java/com/neighbors/tohero/common/ErrorResponseUtil.java b/src/main/java/com/neighbors/tohero/common/ErrorResponseUtil.java
index f0f8636..f2a9b40 100644
--- a/src/main/java/com/neighbors/tohero/common/ErrorResponseUtil.java
+++ b/src/main/java/com/neighbors/tohero/common/ErrorResponseUtil.java
@@ -13,7 +13,7 @@ public class ErrorResponseUtil {
 public static void setResponse(HttpServletResponse response, BaseResponseStatus responseStatus) throws IOException {
- BaseResponse errorResponse = new BaseResponse(responseStatus, "JWT TOKEN 오류입니다.");
+ BaseResponse errorResponse = new BaseResponse(responseStatus, "THIS API NEED AUTHORIZED JWT TOKEN (MAYBE NOT GUEST TOKEN)");
 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
 response.setContentType("application/json");
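Review bot: The replacement message in `ErrorResponseUtil.setResponse` is still hard-coded, so every caller gets "THIS API NEED AUTHORIZED JWT TOKEN (MAYBE NOT GUEST TOKEN)" whatever `responseStatus` says. An expired or malformed token would then be reported as a guest-token problem, although which failures reach this helper is not visible in the hunk. Deriving the text from `responseStatus`, or adding an overload that takes the message, keeps the response accurate. The unchanged `response.setStatus(HttpServletResponse.SC_BAD_REQUEST)` also answers an authorization failure with 400; `SC_UNAUTHORIZED` or `SC_FORBIDDEN` would let clients and monitoring separate rejected tokens from malformed requests. The method continues past the hunk.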
diff --git a/src/main/java/com/neighbors/tohero/common/security/AuthenticationUtil.java b/src/main/java/com/neighbors/tohero/common/security/AuthenticationUtil.java
index a262bab..6ed25d5 100644
--- a/src/main/java/com/neighbors/tohero/common/security/AuthenticationUtil.java
+++ b/src/main/java/com/neighbors/tohero/common/security/AuthenticationUtil.java
@@ -2,6 +2,7 @@
 import com.neighbors.tohero.common.enums.Role;
 import com.neighbors.tohero.common.jwt.JwtProvider;
+import jakarta.annotation.PostConstruct;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -10,7 +11,7 @@
 import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
-import java.util.Optional;
+import java.util.*;
 @Slf4j
 @Component
@@ -18,6 +19,24 @@ public class AuthenticationUtil {
 private final JwtProvider jwtProvider;
+ private Map> onlyUserRequest;
+
+ @PostConstruct
+ private void initOnlyUserRequest() {
+ onlyUserRequest = new HashMap<>();
+
+ // 초기화
+ addToOnlyUserRequest("PUT", "/user/name");
+ addToOnlyUserRequest("POST", "/user/signout");
+ addToOnlyUserRequest("POST", "/user/logout");
+ addToOnlyUserRequest("GET", "/letter");
+ addToOnlyUserRequest("PUT", "/letter");
+ addToOnlyUserRequest("GET", "/auth/refreshToken");
+ }
+
+ private void addToOnlyUserRequest(String method, String url) {
+ onlyUserRequest.computeIfAbsent(method, k -> new ArrayList<>()).add(url);
+ }
 public void setAuthenticationFromRequest(HttpServletRequest request) {
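Review bot: `onlyUserRequest` in the `@@ -18,6 +19,24 @@` hunk is a deny-list, so the guest restriction fails open: a user-only endpoint added later stays reachable with a guest token until someone also adds it in `initOnlyUserRequest`. Listing what a guest token may call, or expressing the rule by role in the Spring Security authorization configuration, would make a forgotten entry deny instead of allow. The table is also a mutable `HashMap` assigned in `@PostConstruct`; a `private static final` map built with `Map.of(...)` cannot be modified after start-up and lets `import java.util.*;` go back to explicit imports. A comment above the entries should state how they are matched against the request, since the `// 초기화` comment says nothing about that.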
@@ -42,9 +61,11 @@ private Optional makeAuthentication(HttpServletRequest reque
 if(isTokenValid(token)) {
 if (isRequestAvailableToGuest(token)) {
- log.info("[AuthenticationUtil.makeAuthentication : Guest 권한 부여]");
- String nickname = jwtProvider.getGuestJwtUserDetails(token).getNickname();
- authentication = UserAuthentication.makeGuestAuthentication(nickname);
+ if(checkGuestAccessRequest(request)){
+ log.info("[AuthenticationUtil.makeAuthentication : Guest 권한 부여]");
+ String nickname = jwtProvider.getGuestJwtUserDetails(token).getNickname();
+ authentication = UserAuthentication.makeGuestAuthentication(nickname);
+ }
 } else {
 log.info("[AuthenticationUtil.makeAuthentication : User 권한 부여]");
@@ -59,6 +80,18 @@ private Optional makeAuthentication(HttpServletRequest reque
 return Optional.ofNullable(authentication);
 }
+ private boolean checkGuestAccessRequest(HttpServletRequest request) {
+ List urls = onlyUserRequest.get(request.getMethod());
+ if (urls != null) {
+ for (String url : urls) {
+ if (request.getRequestURI().contains(url)) {
+ return false;
+ }
+ }
+ }
+ return true;
+ }
+
 private String getJwtFromRequest(HttpServletRequest request) {
 String bearerToken = request.getHeader("Authorization");
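Review bot: When a valid guest token reaches a user-only route, the new inner `if` in `makeAuthentication` leaves `authentication` null without logging anything, so a refused guest call looks the same in the logs as a request with no token at all. An `else` on the inner `if` with `log.warn("[AuthenticationUtil.makeAuthentication : guest token refused for {} request]", request.getMethod());` gives operations something to alert on. Keep the check nested as it is: folding it into the outer condition with `&&` would send a refused guest token into the `else` branch that grants User authority. Whether the empty `Optional` actually rejects the request is decided by the caller, outside this hunk.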
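Review bot: `request.getRequestURI().contains(url)` in `checkGuestAccessRequest` is a substring test on the raw request URI, which is not the path Spring matches handlers on. It over-blocks: the `/letter` entry also matches `GET /letter/detail` if LetterController is mounted at `/letter` (its class-level mapping is not shown), as does any URI that merely contains one of the listed strings. It can also under-block, because the raw URI still carries the context path, path parameters and encoding and so can differ from the routed path. Compare the container-decoded path exactly, as sketched below with the existing map, or move the rule into Spring Security request matchers so routing and authorization use the same matching.

```java
private boolean checkGuestAccessRequest(HttpServletRequest request) {
    // Exact match on the decoded servlet path; assumes the dispatcher servlet is mapped at "/" (confirm).
    String path = request.getServletPath();
    List<String> userOnlyPaths = onlyUserRequest.getOrDefault(request.getMethod(), List.of());
    // A guest token is accepted only when the path is not on the user-only list for this method.
    return !userOnlyPaths.contains(path);
}
```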