|
|
|
@ -15,6 +15,7 @@ import org.springframework.http.ResponseEntity;
|
|
|
|
import org.springframework.security.authentication.AuthenticationManager;
|
|
|
|
import org.springframework.security.authentication.AuthenticationManager;
|
|
|
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
|
import org.springframework.security.core.Authentication;
|
|
|
|
import org.springframework.security.core.Authentication;
|
|
|
|
|
|
|
|
import org.springframework.security.core.GrantedAuthority;
|
|
|
|
import org.springframework.security.core.context.SecurityContextHolder;
|
|
|
|
import org.springframework.security.core.context.SecurityContextHolder;
|
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
|
|
import org.springframework.web.bind.annotation.*;
|
|
|
|
import org.springframework.web.bind.annotation.*;
|
|
|
|
@ -63,12 +64,11 @@ public class AuthController {
|
|
|
|
@Autowired
|
|
|
|
@Autowired
|
|
|
|
RefreshTokenService refreshTokenService;
|
|
|
|
RefreshTokenService refreshTokenService;
|
|
|
|
|
|
|
|
|
|
|
|
@Operation(summary = "User login", description = "Authenticate user and return JWT and refresh token cookies.")
|
|
|
|
@Operation(summary = "로그인", description = "사용자 인증 후 JWT 및 리프레시 토큰 쿠키를 반환합니다.")
|
|
|
|
@ApiResponses({
|
|
|
|
@ApiResponses({
|
|
|
|
@ApiResponse(responseCode = "200", description = "Login successful"),
|
|
|
|
@ApiResponse(responseCode = "200", description = "로그인 성공"),
|
|
|
|
@ApiResponse(responseCode = "401", description = "Invalid credentials")
|
|
|
|
@ApiResponse(responseCode = "401", description = "잘못된 사용자명 또는 비밀번호")
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
|
|
@PostMapping("/signin")
|
|
|
|
@PostMapping("/signin")
|
|
|
|
public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginRequest loginRequest) {
|
|
|
|
public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginRequest loginRequest) {
|
|
|
|
Authentication authentication = authenticationManager.authenticate(
|
|
|
|
Authentication authentication = authenticationManager.authenticate(
|
|
|
|
@ -87,7 +87,7 @@ public class AuthController {
|
|
|
|
ResponseCookie jwtRefreshCookie = jwtUtils.generateRefreshJwtCookie(refreshToken.getToken());
|
|
|
|
ResponseCookie jwtRefreshCookie = jwtUtils.generateRefreshJwtCookie(refreshToken.getToken());
|
|
|
|
|
|
|
|
|
|
|
|
List<String> roles = userDetails.getAuthorities().stream()
|
|
|
|
List<String> roles = userDetails.getAuthorities().stream()
|
|
|
|
.map(item -> item.getAuthority())
|
|
|
|
.map(GrantedAuthority::getAuthority)
|
|
|
|
.collect(Collectors.toList());
|
|
|
|
.collect(Collectors.toList());
|
|
|
|
|
|
|
|
|
|
|
|
return ResponseEntity.ok()
|
|
|
|
return ResponseEntity.ok()
|
|
|
|
@ -101,6 +101,11 @@ public class AuthController {
|
|
|
|
));
|
|
|
|
));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Operation(summary = "회원가입", description = "새로운 사용자를 등록합니다.")
|
|
|
|
|
|
|
|
@ApiResponses({
|
|
|
|
|
|
|
|
@ApiResponse(responseCode = "200", description = "회원가입 성공"),
|
|
|
|
|
|
|
|
@ApiResponse(responseCode = "400", description = "중복된 사용자명 또는 이메일")
|
|
|
|
|
|
|
|
})
|
|
|
|
@PostMapping("/signup")
|
|
|
|
@PostMapping("/signup")
|
|
|
|
public ResponseEntity<?> registerUser(@Valid @RequestBody SignupRequest signUpRequest) {
|
|
|
|
public ResponseEntity<?> registerUser(@Valid @RequestBody SignupRequest signUpRequest) {
|
|
|
|
if (userRepository.existsByUsername(signUpRequest.getUsername())) {
|
|
|
|
if (userRepository.existsByUsername(signUpRequest.getUsername())) {
|
|
|
|
@ -144,8 +149,10 @@ public class AuthController {
|
|
|
|
return ResponseEntity.ok(new MessageResponse("User registered successfully!"));
|
|
|
|
return ResponseEntity.ok(new MessageResponse("User registered successfully!"));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Operation(summary = "Logout", description = "Logout current user by deleting cookies and refresh token.")
|
|
|
|
@Operation(summary = "로그아웃", description = "현재 사용자를 로그아웃하고 쿠키 및 리프레시 토큰을 삭제합니다.")
|
|
|
|
@ApiResponse(responseCode = "200", description = "Logged out successfully")
|
|
|
|
@ApiResponses({
|
|
|
|
|
|
|
|
@ApiResponse(responseCode = "200", description = "로그아웃 성공")
|
|
|
|
|
|
|
|
})
|
|
|
|
@PostMapping("/signout")
|
|
|
|
@PostMapping("/signout")
|
|
|
|
public ResponseEntity<?> logoutUser() {
|
|
|
|
public ResponseEntity<?> logoutUser() {
|
|
|
|
Object principle = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
|
|
|
Object principle = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
|
|
|
@ -163,10 +170,10 @@ public class AuthController {
|
|
|
|
.body(new MessageResponse("You've been signed out!"));
|
|
|
|
.body(new MessageResponse("You've been signed out!"));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Operation(summary = "Refresh token", description = "Get a new access token using the refresh token from cookie.")
|
|
|
|
@Operation(summary = "토큰 갱신", description = "쿠키에 저장된 리프레시 토큰을 통해 새로운 엑세스 토큰을 발급합니다.")
|
|
|
|
@ApiResponses({
|
|
|
|
@ApiResponses({
|
|
|
|
@ApiResponse(responseCode = "200", description = "Token refreshed successfully"),
|
|
|
|
@ApiResponse(responseCode = "200", description = "토큰 갱신 성공"),
|
|
|
|
@ApiResponse(responseCode = "400", description = "Refresh token is missing or invalid")
|
|
|
|
@ApiResponse(responseCode = "400", description = "리프레시 토큰이 없거나 유효하지 않음")
|
|
|
|
})
|
|
|
|
})
|
|
|
|
@PostMapping("/refreshtoken")
|
|
|
|
@PostMapping("/refreshtoken")
|
|
|
|
public ResponseEntity<?> refreshtoken(HttpServletRequest request) {
|
|
|
|
public ResponseEntity<?> refreshtoken(HttpServletRequest request) {
|
|
|
|
|
