-
Notifications
You must be signed in to change notification settings - Fork 78
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
6주차 과제 - 로그인 구현하기 #70
Changes from 1 commit
50766c1
6974c98
3f6ec78
e500054
a3bb4f6
6caff11
c32ae97
df8f01e
a1ecba0
93ff275
2c04eae
90f9e60
a8d90b9
05db189
7efccfe
c833de7
c793d25
7930ef9
a64d3c4
324f9db
042eaaa
ea2588a
0699e11
1f1b99f
1888b60
522ac8f
7760d3f
5cb2b86
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
package com.codesoom.assignment.application; | ||
|
||
import com.codesoom.assignment.utils.JwtUtil; | ||
import io.jsonwebtoken.Claims; | ||
import lombok.extern.slf4j.Slf4j; | ||
import org.springframework.stereotype.Service; | ||
|
||
@Service | ||
@Slf4j | ||
public class AuthenticationService { | ||
|
||
private final JwtUtil jwtUtil; | ||
|
||
public AuthenticationService(JwtUtil jwtUtil) { | ||
this.jwtUtil = jwtUtil; | ||
} | ||
|
||
public String login(){ | ||
return jwtUtil.encode(1L); | ||
} | ||
|
||
public Claims parseToken(String token) { | ||
return jwtUtil.decode(token); | ||
} | ||
} | ||
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
package com.codesoom.assignment.errors; | ||
|
||
public class InvalidTokenException extends RuntimeException { | ||
public InvalidTokenException(String token) { | ||
super("Invalid token : " + token); | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
package com.codesoom.assignment.utils; | ||
|
||
import com.codesoom.assignment.errors.InvalidTokenException; | ||
import io.jsonwebtoken.Claims; | ||
import io.jsonwebtoken.Jws; | ||
import io.jsonwebtoken.Jwts; | ||
import io.jsonwebtoken.security.Keys; | ||
import io.jsonwebtoken.security.SignatureException; | ||
import lombok.extern.slf4j.Slf4j; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.stereotype.Component; | ||
|
||
import java.security.Key; | ||
|
||
@Component | ||
public class JwtUtil { | ||
|
||
private final Key key; | ||
|
||
public JwtUtil(@Value("${jwt.secret}") String secret){ | ||
key = Keys.hmacShaKeyFor(secret.getBytes()); | ||
} | ||
|
||
public String encode(Long userId){ | ||
return Jwts.builder() | ||
.claim("userId" , userId) | ||
.signWith(key) | ||
.compact(); | ||
} | ||
|
||
public Claims decode(String token) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 예외를 던지는 부분을 주석을 잘 남겨주시면 좋겠어요! |
||
if(token == null || token.isBlank()){ | ||
throw new InvalidTokenException(token); | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 어쩌면 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Spring의 StringUtils로 대체해봤습니다 |
||
try{ | ||
return Jwts.parserBuilder() | ||
.setSigningKey(key) | ||
.build() | ||
.parseClaimsJws(token) | ||
.getBody(); | ||
}catch(SignatureException e){ | ||
throw new InvalidTokenException(token); | ||
} | ||
|
||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
package com.codesoom.assignment.applcation; | ||
|
||
import com.codesoom.assignment.application.AuthenticationService; | ||
import com.codesoom.assignment.utils.JwtUtil; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.DisplayName; | ||
import org.junit.jupiter.api.Nested; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import static org.assertj.core.api.Assertions.*; | ||
|
||
class AuthenticationServiceTest { | ||
|
||
private AuthenticationService service; | ||
private final String SECRET = "12345678901234567890123456789012"; | ||
|
||
@BeforeEach | ||
void setUp() { | ||
JwtUtil jwtUtil = new JwtUtil(SECRET); | ||
service = new AuthenticationService(jwtUtil); | ||
} | ||
|
||
@Nested | ||
@DisplayName("") | ||
class Describe_{ | ||
|
||
@Nested | ||
@DisplayName("") | ||
class Context_{ | ||
|
||
@Test | ||
@DisplayName("") | ||
void It_(){ | ||
String accessToken = service.login(); | ||
|
||
assertThat(accessToken).contains(".xxxx"); | ||
} | ||
} | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
JwtUtil
을 직접 사용하는 것과 비교해서AuthenticationService
를 쓰는 것은 어떠한 장점이 있을까요?!!There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
인증과 JWT 기능에 대한 관심사가 분리되어 있기 때문에 Service가 인증에 대한 책임을 잘 맡으면 다른 도메인 컨트롤러에서도 유용하게 사용할 수 있을 것 같습니다 ㅎㅎ
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
좋아요! 하지만 그렇다면!
Claims
를 리턴하면 JWT를 명시하게 되는 것이 될거에요!There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
넵 컨트롤러는
AuthenticationService.tokenValidation(String token)
을 호출하게만 했고 서비스는 JWT의 존재는 모르게userId
만 받아서 사용자를 찾게만 해봤습니다.말씀대로
Claims
는 JwtUtil에서만 사용하도록 했습니다.