CodePlay-BE/src/main/java/umc/codeplay/controller/AuthController.java at c695292820210cfe15fa9f98fdb1dd43fd8eed27 · UMC-CodePlay/CodePlay-BE · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package umc.codeplay.controller;

import java.util.Collection;
import java.util.stream.Collectors;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;

import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import lombok.RequiredArgsConstructor;

import umc.codeplay.apiPayLoad.ApiResponse;
import umc.codeplay.apiPayLoad.code.status.ErrorStatus;
import umc.codeplay.apiPayLoad.exception.handler.GeneralHandler;
import umc.codeplay.converter.MemberConverter;
import umc.codeplay.domain.Member;
import umc.codeplay.domain.enums.SocialStatus;
import umc.codeplay.dto.MemberRequestDTO;
import umc.codeplay.dto.MemberResponseDTO;
import umc.codeplay.jwt.JwtUtil;
import umc.codeplay.service.MemberService;

@RestController
@RequestMapping("/auth")
@RequiredArgsConstructor
@Validated
public class AuthController {

    private final AuthenticationManager authenticationManager;
    private final JwtUtil jwtUtil;
    private final MemberService memberService;

    @PostMapping("/login")
    public ApiResponse<MemberResponseDTO.LoginResultDTO> login(
            @Validated @RequestBody MemberRequestDTO.LoginDto request) {
        if (memberService.getSocialStatus(request.getEmail()) != SocialStatus.NONE) {
            throw new GeneralHandler(ErrorStatus.AUTHORIZATION_METHOD_ERROR);
        }

        // 아이디/비밀번호를 사용해 AuthenticationToken 생성
        UsernamePasswordAuthenticationToken authToken =
                new UsernamePasswordAuthenticationToken(request.getEmail(), request.getPassword());

        // 실제 인증 수행
        try {
            Authentication authentication = authenticationManager.authenticate(authToken);

            // Role 정보 가져오기
            Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();

            // 인증에 성공했다면, JWT 토큰 생성 후 반환
            String token = jwtUtil.generateToken(authentication.getName(), authorities);
            String refreshToken =
                    jwtUtil.generateRefreshToken(authentication.getName(), authorities);
            return ApiResponse.onSuccess(
                    MemberConverter.toLoginResultDTO(
                            request.getEmail(), token, refreshToken)); // 예시로 토큰만 문자열로 반환
        } catch (Exception e) {
            throw new GeneralHandler(ErrorStatus.ID_OR_PASSWORD_WRONG);
        }
    }

    @PostMapping("/signup")
    public ApiResponse<MemberResponseDTO.JoinResultDTO> join(
            @Validated @RequestBody MemberRequestDTO.JoinDto request) {
        Member member = memberService.joinMember(request);
        MemberResponseDTO.JoinResultDTO newJoinResult = MemberConverter.toJoinResultDTO(member);

        return ApiResponse.onSuccess(newJoinResult);
    }

    @PostMapping("/refresh")
    public ApiResponse<MemberResponseDTO.LoginResultDTO> refresh(
            @RequestHeader("Refresh-Token") @NotNull(message = "리프레시 토큰은 필수 헤더입니다.") String refreshToken,
            @Validated @RequestParam("email") @NotBlank(message = "이메일은 필수 입력값입니다.") String email) {
        // 리프레시 토큰 유효성 검사
        if (jwtUtil.validateToken(refreshToken)
                && (jwtUtil.getTypeFromToken(refreshToken).equals("refresh"))) {
            // 리프레시 토큰에서 사용자명 추출
            String usernameFromToken = jwtUtil.getUsernameFromToken(refreshToken);

            if (!email.equals(usernameFromToken)) {
                throw new GeneralHandler(ErrorStatus.INVALID_REFRESH_TOKEN);
            }

            // 사용자 권한 정보 가져오기
            Collection<? extends GrantedAuthority> authorities =
                    jwtUtil.getRolesFromToken(refreshToken).stream()
                            .map(SimpleGrantedAuthority::new)
                            .collect(Collectors.toList());

            // 새로운 액세스 토큰 생성
            String newAccessToken = jwtUtil.generateToken(usernameFromToken, authorities);

            return ApiResponse.onSuccess(
                    MemberConverter.toLoginResultDTO(usernameFromToken, newAccessToken, null));
        } else {
            throw new GeneralHandler(ErrorStatus.INVALID_REFRESH_TOKEN);
        }
    }
}