-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
97 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
57 changes: 57 additions & 0 deletions
57
login/src/main/java/hello/login/web/filter/LoginCheckFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
package hello.login.web.filter; | ||
|
||
import hello.login.web.SessionConst; | ||
import lombok.extern.slf4j.Slf4j; | ||
import org.springframework.util.PatternMatchUtils; | ||
|
||
import javax.servlet.*; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
import javax.servlet.http.HttpSession; | ||
import java.io.IOException; | ||
|
||
@Slf4j | ||
public class LoginCheckFilter implements Filter { | ||
|
||
private static final String[] whitelist = {"/", "/members/add", "/login", "/logout", "/css/*"}; | ||
|
||
@Override | ||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { | ||
|
||
HttpServletRequest httpRequest = (HttpServletRequest) request; | ||
String requestURI = httpRequest.getRequestURI(); | ||
|
||
HttpServletResponse httpResponse = (HttpServletResponse) response; | ||
|
||
try { | ||
log.info("인증 체크 필터 시작 {}", requestURI); | ||
|
||
if (isLoginCheckPath(requestURI)) { | ||
log.info("인증 체크 로직 실행 {}", requestURI); | ||
HttpSession session = httpRequest.getSession(false); | ||
if (session == null || session.getAttribute(SessionConst.LOGIN_MEMBER) == null) { | ||
log.info("미인증 사용자 요청 {}", requestURI); | ||
//로그인으로 redirect | ||
httpResponse.sendRedirect("/login?redirectURL=" + requestURI); | ||
|
||
return; //미인증 사용자는 다음으로 진행하지 않고 끝! | ||
} | ||
|
||
} | ||
chain.doFilter(request, response); | ||
|
||
} catch (Exception e) { | ||
throw e; //예외 로깅 가능하지만, 톰캣까지 예외를 보내줘야 함. | ||
} finally { | ||
log.info("인증 체크 필터 종료 {}", requestURI); | ||
} | ||
|
||
} | ||
|
||
/** | ||
* 화이트 리스트의 경우 인증 체크 X | ||
*/ | ||
private boolean isLoginCheckPath(String requestURI) { | ||
return !PatternMatchUtils.simpleMatch(whitelist, requestURI); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters