Merge pull request #15 from Team-Plu/feat/#14

build.gradle.kts

@@ -41,7 +41,6 @@ subprojects {
 		implementation("org.springframework.boot:spring-boot-starter-actuator")
 
 		// tools
-		implementation("org.springframework.boot:spring-boot-starter-validation")
 		compileOnly("org.projectlombok:lombok")
 		annotationProcessor("org.projectlombok:lombok")
 
@@ -55,6 +54,4 @@ subprojects {
 		useJUnitPlatform()
 	}
 }
-//
-//version = "0.0.1-SNAPSHOT"
 

plu-api/build.gradle.kts

@@ -1,26 +1,38 @@
 plugins {
-	kotlin("jvm")
+    kotlin("jvm")
 }
 tasks.jar {
-	enabled = false
+    enabled = false
 }
 
 dependencies {
-	implementation(project(":plu-domain"))
-	implementation(project(":plu-external"))
-	implementation(project(":plu-common"))
+    implementation(project(":plu-domain"))
+    implementation(project(":plu-external"))
+    implementation(project(":plu-common"))
 
-	// web
-	implementation("org.springframework.boot:spring-boot-starter-web")
+    // web
+    implementation("org.springframework.boot:spring-boot-starter-web")
 
-	// Redis
-	implementation("org.springframework.boot:spring-boot-starter-data-redis")
-	implementation("org.springframework.session:spring-session-data-redis")
-	implementation(kotlin("stdlib-jdk8"))
+    // validation
+    implementation("org.springframework.boot:spring-boot-starter-validation")
+    implementation("jakarta.validation:jakarta.validation-api:3.0.2")
+
+    // swagger
+    implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.3.0")
+
+    // Redis
+    implementation("org.springframework.boot:spring-boot-starter-data-redis")
+    implementation("org.springframework.session:spring-session-data-redis")
+    implementation(kotlin("stdlib-jdk8"))
+
+    //jwt
+    implementation("io.jsonwebtoken:jjwt-api:0.11.2")
+    runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.2")
+    runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.2")
 }
 repositories {
-	mavenCentral()
+    mavenCentral()
 }
 kotlin {
-	jvmToolchain(17)
+    jvmToolchain(17)
 }

plu-api/src/main/kotlin/com/th/plu/PluApiApplication.kt → plu-api/src/main/kotlin/com/th/plu/api/PluApiApplication.kt

@@ -1,4 +1,4 @@
-package com.th.plu
+package com.th.plu.api
 
 import com.th.plu.common.PluCommonRoot
 import com.th.plu.domain.PluDomainRoot

plu-api/src/main/kotlin/com/th/plu/api/config/WebConfig.kt

@@ -0,0 +1,24 @@
+package com.th.plu.api.config
+
+import com.th.plu.api.config.interceptor.AuthInterceptor
+import com.th.plu.api.config.resolver.MemberIdResolver
+import org.springframework.context.annotation.Configuration
+import org.springframework.web.method.support.HandlerMethodArgumentResolver
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
+
+@Configuration
+class WebConfig(
+    private val authInterceptor: AuthInterceptor,
+    private val memberIdResolver: MemberIdResolver
+) : WebMvcConfigurer {
+
+    override fun addInterceptors(registry: InterceptorRegistry) {
+        registry.addInterceptor(authInterceptor)
+    }
+
+    override fun addArgumentResolvers(resolvers: MutableList<HandlerMethodArgumentResolver>) {
+        resolvers.add(memberIdResolver)
+    }
+
+}

plu-api/src/main/kotlin/com/th/plu/api/config/interceptor/Auth.kt

@@ -0,0 +1,5 @@
+package com.th.plu.api.config.interceptor
+
+@Target(AnnotationTarget.FUNCTION)
+@Retention(AnnotationRetention.RUNTIME)
+annotation class Auth

plu-api/src/main/kotlin/com/th/plu/api/config/interceptor/AuthInterceptor.kt

@@ -0,0 +1,24 @@
+package com.th.plu.api.config.interceptor
+
+import com.th.plu.common.constant.JwtKey
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.springframework.stereotype.Component
+import org.springframework.web.method.HandlerMethod
+import org.springframework.web.servlet.HandlerInterceptor
+
+@Component
+class AuthInterceptor(
+    private val loginCheckHandler: LoginCheckHandler
+) : HandlerInterceptor {
+
+    override fun preHandle(request: HttpServletRequest, response: HttpServletResponse, handler: Any): Boolean {
+        if (handler !is HandlerMethod) {
+            return true
+        }
+        handler.getMethodAnnotation(Auth::class.java) ?: return true
+        val memberId = loginCheckHandler.getMemberId(request)
+        request.setAttribute(JwtKey.MEMBER_ID, memberId)
+        return true
+    }
+}

plu-api/src/main/kotlin/com/th/plu/api/config/interceptor/LoginCheckHandler.kt

@@ -0,0 +1,23 @@
+package com.th.plu.api.config.interceptor
+
+import com.th.plu.api.service.auth.jwt.JwtHandler
+import com.th.plu.common.exception.code.ErrorCode
+import com.th.plu.common.exception.model.UnauthorizedException
+import jakarta.servlet.http.HttpServletRequest
+import org.springframework.stereotype.Component
+
+@Component
+class LoginCheckHandler(
+    private val jwtHandler: JwtHandler
+) {
+    fun getMemberId(request: HttpServletRequest): Long {
+        val bearerToken: String? = request.getHeader("Authorization")
+        if (!bearerToken.isNullOrBlank() && bearerToken.startsWith("Bearer ")) {
+            val accessToken = bearerToken.substring("Bearer ".length)
+            if (jwtHandler.validateToken(accessToken)) {
+                return jwtHandler.getMemberIdFromJwt(accessToken)
+            }
+        }
+        throw UnauthorizedException(ErrorCode.UNAUTHORIZED_EXCEPTION, "잘못된 JWT $bearerToken 입니다.")
+    }
+}

plu-api/src/main/kotlin/com/th/plu/api/config/resolver/MemberId.kt

@@ -0,0 +1,5 @@
+package com.th.plu.api.config.resolver
+
+@Target(AnnotationTarget.VALUE_PARAMETER)
+@Retention(AnnotationRetention.RUNTIME)
+annotation class MemberId

plu-api/src/main/kotlin/com/th/plu/api/config/resolver/MemberIdResolver.kt

@@ -0,0 +1,37 @@
+package com.th.plu.api.config.resolver
+
+import com.th.plu.api.config.interceptor.Auth
+import com.th.plu.common.constant.JwtKey
+import com.th.plu.common.exception.code.ErrorCode
+import com.th.plu.common.exception.model.InternalServerException
+import org.springframework.core.MethodParameter
+import org.springframework.stereotype.Component
+import org.springframework.web.bind.support.WebDataBinderFactory
+import org.springframework.web.context.request.NativeWebRequest
+import org.springframework.web.method.support.HandlerMethodArgumentResolver
+import org.springframework.web.method.support.ModelAndViewContainer
+
+@Component
+class MemberIdResolver : HandlerMethodArgumentResolver {
+
+    override fun supportsParameter(parameter: MethodParameter): Boolean {
+        return parameter.hasParameterAnnotation(MemberId::class.java) && Long::class.java == parameter.parameterType
+    }
+
+    override fun resolveArgument(
+        parameter: MethodParameter, mavContainer: ModelAndViewContainer?,
+        webRequest: NativeWebRequest, binderFactory: WebDataBinderFactory?
+    ): Any? {
+        parameter.getMethodAnnotation(Auth::class.java)
+            ?: throw InternalServerException(
+                ErrorCode.INTERNAL_SERVER_EXCEPTION,
+                "인증이 필요한 컨트롤러 입니다. @Auth 어노테이션을 붙여주세요."
+            )
+
+        return webRequest.getAttribute(JwtKey.MEMBER_ID, 0)
+            ?: throw InternalServerException(
+                ErrorCode.INTERNAL_SERVER_EXCEPTION,
+                "MEMBER_ID 를 가져오지 못했습니다. ($parameter.javaClass - $parameter.method)"
+            )
+    }
+}

src/main/kotlin/com/th/plu/api/config/swagger/SwaggerConfig.kt → plu-api/src/main/kotlin/com/th/plu/api/config/swagger/SwaggerConfig.kt

@@ -1,10 +1,12 @@
 package com.th.plu.api.config.swagger
 
+import com.th.plu.api.config.resolver.MemberId
 import io.swagger.v3.oas.models.Components
 import io.swagger.v3.oas.models.OpenAPI
 import io.swagger.v3.oas.models.info.Info
 import io.swagger.v3.oas.models.security.SecurityRequirement
 import io.swagger.v3.oas.models.security.SecurityScheme
+import org.springdoc.core.utils.SpringDocUtils
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 
@@ -19,19 +21,22 @@ class SwaggerConfig {
     @Bean
     fun openAPI(): OpenAPI {
         val info = Info()
-                .title(TITLE)
-                .description(DESCRIPTION)
-                .version(VERSION)
+            .title(TITLE)
+            .description(DESCRIPTION)
+            .version(VERSION)
 
         val securityScheme = SecurityScheme()
-                .type(SecurityScheme.Type.HTTP).scheme("bearer").bearerFormat("JWT")
-                .`in`(SecurityScheme.In.HEADER).name("Authorization")
+            .type(SecurityScheme.Type.HTTP).scheme("bearer").bearerFormat("JWT")
+            .`in`(SecurityScheme.In.HEADER).name("Authorization")
         val securityRequirement = SecurityRequirement().addList("Bearer Token")
 
         return OpenAPI()
-                .components(Components().addSecuritySchemes("Bearer Token", securityScheme))
-                .security(listOf(securityRequirement))
-                .info(info)
+            .components(Components().addSecuritySchemes("Bearer Token", securityScheme))
+            .security(listOf(securityRequirement))
+            .info(info)
     }
 
+    init {
+        SpringDocUtils.getConfig().addAnnotationsToIgnore(MemberId::class.java)
+    }
 }