Merge pull request #45 from wafflestudio/feat/socialLogin

jwtauthenticationfilter 예전버전으로 바꿈
wafflestudio · Jan 20, 2025 · a2e1b01 · a2e1b01
2 parents 7acbcfb + d2ac9ea
commit a2e1b01
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 6 deletions.
diff --git a/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt b/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt
@@ -1,10 +1,12 @@
 package com.toyProject7.karrot.security
-
 import com.toyProject7.karrot.user.UserAccessTokenUtil
 import com.toyProject7.karrot.user.service.UserService
 import jakarta.servlet.FilterChain
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher
 import org.springframework.stereotype.Component
 import org.springframework.web.filter.OncePerRequestFilter
@@ -25,23 +27,35 @@ class JwtAuthenticationFilter(
             filterChain.doFilter(request, response)
             return
         }
-
         val authHeader = request.getHeader("Authorization")
-
         if (authHeader != null && authHeader.startsWith("Bearer ")) {
             val token = authHeader.substring(7)
-
             try {
                 // Validate the token
                 if (UserAccessTokenUtil.validateToken(token)) {
-                    // do nothing
+                    // Get user ID from token
+                    val userId = UserAccessTokenUtil.getUserIdFromToken(token)
+
+                    // Load user details
+                    val userDetails = userService.loadSocialUserById(userId)
+
+                    // Create authentication token
+                    val authentication =
+                        UsernamePasswordAuthenticationToken(
+                            userDetails,
+                            null,
+                            userDetails.authorities,
+                        )
+                    authentication.details = WebAuthenticationDetailsSource().buildDetails(request)
+
+                    // Set the authentication in the context
+                    SecurityContextHolder.getContext().authentication = authentication
                 }
             } catch (e: Exception) {
                 // Handle exceptions (e.g., log them)
                 println("Failed to authenticate user: ${e.message}")
             }
         }
-
         filterChain.doFilter(request, response)
     }
 

diff --git a/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt b/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt
@@ -0,0 +1,43 @@
+package com.toyProject7.karrot.user.persistence
+
+import org.springframework.security.core.GrantedAuthority
+import org.springframework.security.core.authority.SimpleGrantedAuthority
+import org.springframework.security.core.userdetails.UserDetails
+
+data class UserPrincipal(
+    val id: String,
+    private val email: String,
+    private val nickname: String,
+    private val password: String?,
+    private val authorities: Collection<GrantedAuthority>,
+) : UserDetails {
+    companion object {
+        fun create(user: UserEntity): UserPrincipal {
+            val authorities = listOf(SimpleGrantedAuthority("ROLE_USER"))
+
+            return UserPrincipal(
+                id = user.id!!,
+                email = user.email,
+                nickname = user.nickname,
+                password = null,
+                authorities = authorities,
+            )
+        }
+    }
+
+    override fun getAuthorities(): Collection<GrantedAuthority> = authorities
+
+    override fun getPassword(): String? = password
+
+    fun getNickname(): String = nickname
+
+    override fun getUsername(): String = email
+
+    override fun isAccountNonExpired(): Boolean = true
+
+    override fun isAccountNonLocked(): Boolean = true
+
+    override fun isCredentialsNonExpired(): Boolean = true
+
+    override fun isEnabled(): Boolean = true
+}
diff --git a/src/main/kotlin/com/toyProject7/karrot/user/service/UserService.kt b/src/main/kotlin/com/toyProject7/karrot/user/service/UserService.kt
@@ -17,9 +17,11 @@ import com.toyProject7.karrot.user.persistence.NormalUser
 import com.toyProject7.karrot.user.persistence.NormalUserRepository
 import com.toyProject7.karrot.user.persistence.SocialUser
 import com.toyProject7.karrot.user.persistence.UserEntity
+import com.toyProject7.karrot.user.persistence.UserPrincipal
 import com.toyProject7.karrot.user.persistence.UserRepository
 import org.mindrot.jbcrypt.BCrypt
 import org.springframework.data.repository.findByIdOrNull
+import org.springframework.security.core.userdetails.UsernameNotFoundException
 import org.springframework.stereotype.Service
 import org.springframework.transaction.annotation.Transactional
 import java.time.Instant
@@ -144,4 +146,12 @@ class UserService(
     fun getUserEntityById(id: String): UserEntity {
         return userRepository.findByIdOrNull(id) ?: throw AuthenticateException()
     }
+
+    @Transactional
+    fun loadSocialUserById(id: String): UserPrincipal {
+        val user =
+            userRepository.findById(id)
+                .orElseThrow { UsernameNotFoundException("User not found with id: $id") }
+        return UserPrincipal.create(user)
+    }
 }