Merge pull request #140 from sessac-3rd-team-A/cors/#137

Cors/#137

Dockerfile

@@ -0,0 +1,25 @@
+# Dockerfile
+
+# Use the specified platform image (in this case, linux/amd64)
+# FROM openjdk:17-alpine
+#
+# # Set the JARFILE argument
+# ARG JARFILE=build/libs/*.jar
+#
+# # Copy the JAR file into the container
+# COPY ${JARFILE} app.jar
+#
+# # Set the entry point for the container
+# ENTRYPOINT ["java", "-jar", "/app.jar"]
+
+# Build Stage
+FROM openjdk:17-alpine as builder
+WORKDIR /app
+COPY . /app
+RUN ./gradlew build
+
+# Final Stage
+FROM openjdk:17-alpine
+ARG JARFILE=build/libs/*.jar
+COPY --from=builder /app/${JARFILE} /app/app.jar
+ENTRYPOINT ["java", "-jar", "/app/app.jar"]

gradlew.bat

@@ -34,7 +34,8 @@ set APP_HOME=%DIRNAME%
 for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
 
 @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+set DEFAULT_JVM_OPTS="-Xmx1024m" "-Xms1024m"
+
 
 @rem Find java.exe
 if defined JAVA_HOME goto findJavaFromJavaHome

src/main/java/back/ahwhew/config/WebConfig.java

@@ -64,7 +64,8 @@ public CorsConfigurationSource corsConfigurationSource() {
 
         // cors 설정
         config.setAllowCredentials(true);
-        config.setAllowedOriginPatterns(Arrays.asList("http://localhost:3000"));
+        config.setAllowedOriginPatterns(Arrays.asList("http://13.124.239.187:3000"));
+//        config.setAllowedOriginPatterns(Arrays.asList("http://localhost:3000"));
         config.setAllowedMethods(Arrays.asList("HEAD", "POST", "GET", "DELETE", "PUT", "PATCH"));
         config.setAllowedHeaders(Arrays.asList("*"));
 

src/main/java/back/ahwhew/controller/UserController.java

@@ -10,18 +10,15 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
-import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.reactive.function.client.WebClient;
-
 import java.util.UUID;
 
 @RestController
@@ -91,183 +88,121 @@ public ResponseEntity<?> registerUser(@RequestBody UserDTO dto) {
     }
 
     @PostMapping("/signin")
-    public ResponseEntity<?> authenticate(@RequestBody UserDTO dto, HttpServletResponse response){
-        log.info("Start signin");
-
-        // 유저 유효성 검사
-        String validCheck = isValidUser(dto);
-        if (!validCheck.equals("checked")){
-            ResponseDTO resDTO = ResponseDTO.builder()
-                    .error(validCheck)
-                    .build();
+    public ResponseEntity<?> authenticate(@RequestBody UserDTO dto){
+        try {
+            log.info("Start signin");
 
-            return ResponseEntity.badRequest().body(resDTO);
-        }
-
-        UserEntity user = service.getByCredentials(dto.getUserId(), dto.getPassword(), passwordEncoder);
+            // 유저 유효성 검사
+            String validCheck = isValidUser(dto);
+            if (!validCheck.equals("checked")) {
+                ResponseDTO resDTO = ResponseDTO.builder()
+                        .error(validCheck)
+                        .build();
 
-        log.info("user: {}",user);
-        if(user.getUserId() != null){
-            log.info("user is not null");
-            // 이메일, 비번으로 찾은 유저 있음 = 로그인 성공
-            final String token = tokenProvider.createAccessToken(user);
-            final String refreshToken = tokenProvider.createRefreshToken(user);
-            log.info("token value: {}", token);
-            log.info("finish creating token");
-            final UserDTO resUserDTO = UserDTO.builder()
-                    // 나중에 프론트와 연결시 필요한 요소 추가할것
-                    .userId(user.getUserId())
-                    .password(user.getPassword())
-                    .nickname(user.getNickname())
-                    .age(user.getAge())
-                    .gender(user.getGender())
-                    .accessToken(token) // jwt 토큰 설정
-                    .refreshToken(refreshToken)
-                    .build();
+                return ResponseEntity.badRequest().body(resDTO);
+            }
 
-//            Cookie cookie1 = new Cookie("accessToken", token);
-//            Cookie cookie2 = new Cookie("refreshToken", refreshToken);
+            UserEntity user = service.getByCredentials(dto.getUserId(), dto.getPassword(), passwordEncoder);
+            log.info("user: {}", user);
+
+            if (user.getUserId() != null) {
+                log.info("user is not null");
+                // userId, password로 찾은 유저 있음 = 로그인 성공
+                final String accessToken = tokenProvider.createAccessToken(user);
+                final String refreshToken = tokenProvider.createRefreshToken(user);
+                log.info("accessToken value: {}", accessToken);
+                log.info("finish creating token");
+
+                final UserDTO resUserDTO = UserDTO.builder()
+                        .userId(user.getUserId())
+                        .password(user.getPassword())
+                        .nickname(user.getNickname())
+                        .age(user.getAge())
+                        .gender(user.getGender())
+                        .accessToken(accessToken)
+                        .refreshToken(refreshToken)
+                        .build();
+
+                return ResponseEntity.ok().body(resUserDTO);
+
+            } else if(user.getAge() != "getByCredentials error"){
+                // userId, password로 찾은 유저 없음 = 로그인 실패
+                ResponseDTO resDTO = ResponseDTO.builder()
+                        .error(user.getAge()) // service에서 로그인 실패 사유를 age에 담아 보내기 때문
+                        .build();
+
+                return ResponseEntity.status(401).body(resDTO);
+            }else {
+                // UserService 에러 발생
+                ResponseDTO resDTO = ResponseDTO.builder()
+                        .error(user.getAge())
+                        .build();
+
+                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resDTO);
+            }
+        }catch (Exception e){
+            log.error("exception in /auth/signin", e);
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("signin fail");
+        }
+    }
 
+    // accessToken 재발급
+    @PostMapping("/newToken")
+    public ResponseEntity<?> createNewToken(HttpServletRequest request){
+        try {
+            String token = request.getHeader("Authorization").substring(7);
+            log.info("create new accessToken from : {}", token);
 
-//            cookie1.setDomain("localhost");
-// 도메인 설정: 쿠키가 사용될 도메인을 설정하는 코드, 현프로젝트에서는 localhost라서 설정할 필요없고 나중에 배포할때 도메인에 맞춰서 설정하면 보안에 도움됨
+            Claims claims = Jwts.parser()
+                    .setSigningKey(jwtProperties.getSecretKey())
+                    .parseClaimsJws(token)
+                    .getBody();
 
-//            cookie1.setPath("/");
-//            cookie1.setHttpOnly(true);
-//            cookie1.setSecure(true);
+            UUID id = UUID.fromString(claims.getSubject());
+            log.info("id : {}", id);
 
-//            cookie2.setDomain("localhost");
-//            cookie2.setPath("/");
-//            cookie2.setHttpOnly(true);
-//            cookie2.setSecure(true);
+            UserEntity user = service.getById(id);
+            String accessToken = tokenProvider.createAccessToken(user);
+            final UserDTO resUserDTO = UserDTO.builder()
+                    .userId(user.getUserId())
+                    .accessToken(accessToken)
+                    .build();
 
+            return ResponseEntity.ok().body(resUserDTO);
+        }catch (Exception e){
+            log.error("/auth/newToken 실행 중 예외 발생", e);
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("newToken fail");
+        }
+    }
 
-//            cookie1.setMaxAge(3600);
-//            cookie2.setMaxAge(3600);
-//            cookie1.setHttpOnly(true);
-//            cookie1.setSecure(true);
+    // refreshToken 재발급
+    @PostMapping("/newRefreshToken")
+    public ResponseEntity<?> createNewRefreshToken(HttpServletRequest request){
+        try {
+            String token = request.getHeader("Authorization").substring(7);
+            log.info("create new refresh Token from : {}", token);
 
-//            log.info("cookie1: {}", cookie1.getMaxAge());
-//
-//
-//            response.addCookie(cookie1);
-//            response.addCookie(cookie2);
+            Claims claims = Jwts.parser()
+                    .setSigningKey(jwtProperties.getSecretKey())
+                    .parseClaimsJws(token)
+                    .getBody();
 
-            return ResponseEntity.ok().body(resUserDTO);
+            UUID id = UUID.fromString(claims.getSubject());
+            log.info("id : {}", id);
 
-        } else {
-            // userId, 비번으로 찾은 유저 없음 = 로그인 실패
-            ResponseDTO resDTO = ResponseDTO.builder()
-                    .error(user.getAge()) // service에서 로그인 실패 사유를 age에 담아 보내기 때문
+            UserEntity user = service.getById(id);
+            String refreshToken = tokenProvider.createRefreshToken(user);
+            final UserDTO resUserDTO = UserDTO.builder()
+                    .userId(user.getUserId())
+                    .refreshToken(refreshToken)
                     .build();
 
-            return ResponseEntity.status(401).body(resDTO);
+            return ResponseEntity.ok().body(resUserDTO);
+        }catch (Exception e){
+            log.error("/auth/newrefreshToken 실행 중 예외 발생", e);
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("newRefreshToken fail");
         }
     }
-    @PostMapping("/newToken")
-    public ResponseEntity<?> createNewToken(HttpServletRequest request, HttpServletResponse response){
-        String token = request.getHeader("Authorization").substring(7);
-//        Cookie[] cookies = request.getCookies();
-//        String tokenName = null;
-//        String token = null;
-//        // refreshToken 찾기
-//        for(Cookie cookie: cookies){
-//            if(cookie.getName().equals("refreshToken")){
-//                tokenName = cookie.getName();
-//                token = cookie.getValue();
-//            }
-//        }
-        log.info("create new Token from : {}", token);
-        Claims claims = Jwts.parser()
-                .setSigningKey(jwtProperties.getSecretKey())
-                .parseClaimsJws(token)
-                .getBody();
-        UUID id = UUID.fromString(claims.getSubject());
-
-        log.info("id : {}", id);
-
-        // 토큰으로 id를 이용해서 사람 찾고
-        UserEntity user = service.getById(id);
-        String accessToken = tokenProvider.createAccessToken(user);
-        // createAccesstoken에서 리턴
-        final UserDTO resUserDTO = UserDTO.builder()
-                // 나중에 프론트와 연결시 필요한 요소 추가할것
-                .userId(user.getUserId())
-                .password(user.getPassword())
-                .nickname(user.getNickname())
-                .age(user.getAge())
-                .gender(user.getGender())
-                .accessToken(accessToken)
-                .build();
-//        Cookie cookie = new Cookie("accessToken", accessToken);
-//        cookie.setDomain("localhost");
-//        cookie.setPath("/");
-//        cookie.setHttpOnly(true);
-//        cookie.setSecure(true);
-//        response.addCookie(cookie);
-
-        return ResponseEntity.ok().body(resUserDTO);
-    }
-    @PostMapping("/newRefreshToken")
-    public ResponseEntity<?> createNewRefreshToken(HttpServletRequest request, HttpServletResponse response){
-        String token = request.getHeader("Authorization").substring(7);
-//        Cookie[] cookies = request.getCookies();
-//        String tokenName = null;
-//        String token = null;
-//        // refreshToken 찾기
-//        for(Cookie cookie: cookies){
-//            if(cookie.getName().equals("accessToken")){
-//                tokenName = cookie.getName();
-//                token = cookie.getValue();
-//            }
-//        }
-        log.info("create new refresh Token from : {}", token);
-        Claims claims = Jwts.parser()
-                .setSigningKey(jwtProperties.getSecretKey())
-                .parseClaimsJws(token)
-                .getBody();
-        UUID id = UUID.fromString(claims.getSubject());
-
-        log.info("id : {}", id);
-
-        // 토큰으로 id를 이용해서 사람 찾고
-        UserEntity user = service.getById(id);
-        String refreshToken = tokenProvider.createRefreshToken(user);
-        // createAccesstoken에서 리턴
-        final UserDTO resUserDTO = UserDTO.builder()
-                // 나중에 프론트와 연결시 필요한 요소 추가할것
-                .userId(user.getUserId())
-                .password(user.getPassword())
-                .nickname(user.getNickname())
-                .age(user.getAge())
-                .gender(user.getGender())
-                .refreshToken(refreshToken)
-                .build();
-
-//        Cookie cookie = new Cookie("refreshToken", refreshToken);
-////        cookie.setDomain("localhost");
-//        cookie.setPath("/");
-//        cookie.setHttpOnly(true);
-//        cookie.setSecure(true);
-//
-//        response.addCookie(cookie);
-
-        return ResponseEntity.ok().body(resUserDTO);
-    }
-
-    @GetMapping("/check")
-    public ResponseEntity<?> check(@AuthenticationPrincipal UserEntity user, HttpServletRequest request){
-        // @AuthenticationPrincipal UserEntity user 사용시 주의 사항
-        // user에는 id, age, gender만 들어가있음. 이외에는 service.getById(user.getId());를 활용해 user값을 가져와야함
-        log.info("UserEntity age from 어노테이션 : {}", user.getAge());
-        log.info("UserEntity Gender from 어노테이션 : {}", user.getGender());
-
-        // 요청에 토큰 담아서 보냈을때 User정보 가져오는 코드
-        log.info("check 경로 id : {}", user.getId());
-        UserEntity newUser = service.getById(user.getId());
-        log.info("check 경로 UserEntity : {}", String.valueOf(newUser));
-        return ResponseEntity.ok().body(String.valueOf(newUser));
-    }
 
     private String isValidUser(UserDTO userDTO){
         if(userDTO.getUserId() == null || userDTO.getUserId().isEmpty()){ //userId가 null이거나 빈 값일때