diff --git a/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt b/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt index f485045..c6b3f2d 100644 --- a/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt +++ b/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt @@ -1,10 +1,12 @@ package com.toyProject7.karrot.security - import com.toyProject7.karrot.user.UserAccessTokenUtil import com.toyProject7.karrot.user.service.UserService import jakarta.servlet.FilterChain import jakarta.servlet.http.HttpServletRequest import jakarta.servlet.http.HttpServletResponse +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken +import org.springframework.security.core.context.SecurityContextHolder +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource import org.springframework.security.web.util.matcher.AntPathRequestMatcher import org.springframework.stereotype.Component import org.springframework.web.filter.OncePerRequestFilter 
@@ -25,23 +27,35 @@ class JwtAuthenticationFilter( filterChain.doFilter(request, response) return } - val authHeader = request.getHeader("Authorization") - if (authHeader != null && authHeader.startsWith("Bearer ")) { val token = authHeader.substring(7) - try { // Validate the token if (UserAccessTokenUtil.validateToken(token)) { - // do nothing + // Get user ID from token + val userId = UserAccessTokenUtil.getUserIdFromToken(token) + + // Load user details + val userDetails = userService.loadSocialUserById(userId) + + // Create authentication token + val authentication = + UsernamePasswordAuthenticationToken( + userDetails, + null, + userDetails.authorities, + ) + authentication.details = WebAuthenticationDetailsSource().buildDetails(request) + + // Set the authentication in the context + SecurityContextHolder.getContext().authentication = authentication } } catch (e: Exception) { // Handle exceptions (e.g., log them) println("Failed to authenticate user: ${e.message}") } } - filterChain.doFilter(request, response) } diff --git a/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt b/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt new file mode 100644 index 0000000..491ca5e --- /dev/null +++ b/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt 
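Review bot: The new user lookup in the `try` block falls under the existing `catch (e: Exception)`, so a rejected token, a deleted account and a database failure inside `userService.loadSocialUserById` all end as the same `println` and the request continues unauthenticated. Catching only the expected authentication failures, or at least logging through the filter's logger with the exception type, keeps infrastructure faults from looking like bad tokens: `logger.warn("JWT authentication failed: ${e.javaClass.simpleName}")`. Printing `e.message` may also echo token or user-id details to stdout, depending on what the token library puts in its messages. The enclosing method starts above the hunk, so whether a later filter rejects the unauthenticated request cannot be confirmed from here.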
@@ -0,0 +1,43 @@ +package com.toyProject7.karrot.user.persistence + +import org.springframework.security.core.GrantedAuthority +import org.springframework.security.core.authority.SimpleGrantedAuthority +import org.springframework.security.core.userdetails.UserDetails + +data class UserPrincipal( + val id: String, + private val email: String, + private val nickname: String, + private val password: String?, + private val authorities: Collection, +) : UserDetails { + companion object { + fun create(user: UserEntity): UserPrincipal { + val authorities = listOf(SimpleGrantedAuthority("ROLE_USER")) + + return UserPrincipal( + id = user.id!!, + email = user.email, + nickname = user.nickname, + password = null, + authorities = authorities, + ) + } + } + + override fun getAuthorities(): Collection = authorities + + override fun getPassword(): String? = password + + fun getNickname(): String = nickname + + override fun getUsername(): String = email + + override fun isAccountNonExpired(): Boolean = true + + override fun isAccountNonLocked(): Boolean = true + + override fun isCredentialsNonExpired(): Boolean = true + + override fun isEnabled(): Boolean = true +} diff --git a/src/main/kotlin/com/toyProject7/karrot/user/service/UserService.kt b/src/main/kotlin/com/toyProject7/karrot/user/service/UserService.kt index ec3dc5a..ebaf456 100644 --- a/src/main/kotlin/com/toyProject7/karrot/user/service/UserService.kt +++ b/src/main/kotlin/com/toyProject7/karrot/user/service/UserService.kt 
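Review bot: `UserPrincipal` is declared as a `data class`, so its generated `toString()` prints every constructor property, including `email`, `nickname` and `password`, and the principal can appear in full wherever the `Authentication` object is logged. Overriding it keeps personal data out of logs: `override fun toString(): String = "UserPrincipal(id=$id)"`. In `create`, `user.id!!` would fail with a bare NullPointerException on an unsaved entity; `requireNotNull(user.id) { "UserEntity has no id" }` states the precondition. The four account-status overrides all return `true`, so a valid token cannot be refused for a locked or disabled account; if `UserEntity` carries such state (not visible here), it should be mapped.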
@@ -17,9 +17,11 @@ import com.toyProject7.karrot.user.persistence.NormalUser import com.toyProject7.karrot.user.persistence.NormalUserRepository import com.toyProject7.karrot.user.persistence.SocialUser import com.toyProject7.karrot.user.persistence.UserEntity +import com.toyProject7.karrot.user.persistence.UserPrincipal import com.toyProject7.karrot.user.persistence.UserRepository import org.mindrot.jbcrypt.BCrypt import org.springframework.data.repository.findByIdOrNull +import org.springframework.security.core.userdetails.UsernameNotFoundException import org.springframework.stereotype.Service import org.springframework.transaction.annotation.Transactional import java.time.Instant @@ -144,4 +146,12 @@ class UserService( fun getUserEntityById(id: String): UserEntity { return userRepository.findByIdOrNull(id) ?: throw AuthenticateException() } + + @Transactional + fun loadSocialUserById(id: String): UserPrincipal { + val user = + userRepository.findById(id) + .orElseThrow { UsernameNotFoundException("User not found with id: $id") } + return UserPrincipal.create(user) + } }
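Review bot: `loadSocialUserById` reads from `userRepository`, the same repository `getUserEntityById` uses just above it, so it appears to return any user rather than only social ones. The JWT filter builds its principal from this method, so either rename it or add a KDoc line such as `/** Loads any user by id and wraps it as a [UserPrincipal] for the security context. */`. The lookup duplicates the sibling and could be `return UserPrincipal.create(getUserEntityById(id))`, which would throw `AuthenticateException` instead of `UsernameNotFoundException` and keep the id out of the exception message. Since the method only reads, `@Transactional(readOnly = true)` describes it better.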