Feature/jwt practice #2
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* DTO 생성 * Entity 구조 변경 * Exception 핸들러 및 설정파일 변경 * 메모리DB H2 Console 이용
dongKos
reviewed
Aug 20, 2023
| .authorizeHttpRequests((requests) -> requests | ||
| .requestMatchers(PathRequest.toH2Console()).permitAll() | ||
| .requestMatchers( | ||
| new AntPathRequestMatcher("/rest/api/v1/auth"), |
| } | ||
|
|
||
| @PostMapping | ||
| public ResponseEntity<TokenDto> authenticate(@Valid @RequestBody LoginDto loginDto) { |
There was a problem hiding this comment.
principal details 관련 객체를 제거하고 로그인 관련 요청을 controller에서 메뉴얼하게 처리하기 위해서 만든걸로 이해하면될까요?
| @Builder | ||
| @AllArgsConstructor | ||
| @NoArgsConstructor | ||
| public class AuthorityDto { |
There was a problem hiding this comment.
Record Class 반영할게요!
| private String providerId; | ||
|
|
||
| @CreationTimestamp | ||
| private LocalDateTime createDate; |
There was a problem hiding this comment.
와장창 다 빼버렸네요..ㅎㅎ 다시 반영하겠음!
| name = "user_authority", | ||
| joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "user_id")}, | ||
| inverseJoinColumns = {@JoinColumn(name = "authority_name", referencedColumnName = "authority_name")}) | ||
| private Set<Authority> authorities; |
| Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(token); | ||
| return true; | ||
| } catch (SecurityException | MalformedJwtException e) { | ||
| logger.error("잘못된 JWT 서명입니다."); |
There was a problem hiding this comment.
토큰 검증에서 에러가 발생하지 않아서 클라에서는 응답은 정상으로 받지만 리소스를 받지는 못할 것 같은데 그러면 각 에러케이스별로 어떤 액션을 해야할지 모르지 않을까요?
| this.passwordEncoder = passwordEncoder; | ||
| } | ||
|
|
||
| public UserDto signUp(UserDto userDto) { |
|
|
||
| @Override | ||
| @Transactional | ||
| public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { |
There was a problem hiding this comment.
오잉 요게 있으면 /login 요청은 여기로 올텐데 위에 AuthController는 JWT용으로 따로 빼신건가요? 로그인 프로세스가 어떻게 되는거징..
|
|
||
| public UserDto signUp(UserDto userDto) { | ||
| if (userRepository.findByUsername(userDto.getUsername()).orElse(null) != null) | ||
| throw new DuplicateMemberException("이미 가입되어 있는 유저"); |
There was a problem hiding this comment.
도메인 exception 자체가 의미를 담고 있는것 같은데 굳이 error message를 넘겨줘야 할까요?
| public UserDto getMyUserWithAuthorities() { | ||
| return UserDto.from( | ||
| SecurityUtil.getCurrentUsername() | ||
| .flatMap(userRepository::findByUsername) |
There was a problem hiding this comment.
여긴 왜 flatMap을 사용하셨나요 ? .get() 해도 될 것 같은데
|
늦은 코멘트 미안합니당.. 수고 많으셨어요:) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
JWT를 이용해서 구현한 내용입니다.
[Summary]