-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
[#91] 사용자 인증, 인가 기능 구현 - 3
- Loading branch information
Showing
12 changed files
with
246 additions
and
48 deletions.
There are no files selected for viewing
29 changes: 29 additions & 0 deletions
29
src/main/java/com/programmers/ticketparis/auth/dto/Session.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
package com.programmers.ticketparis.auth.dto; | ||
|
||
import java.time.LocalDateTime; | ||
|
||
import com.programmers.ticketparis.member.enums.MemberRole; | ||
|
||
import lombok.Getter; | ||
|
||
@Getter | ||
public class Session { | ||
|
||
private MemberRole memberRole; | ||
private Long memberId; | ||
private LocalDateTime lastAccessTime; | ||
|
||
private Session(MemberRole memberRole, Long memberId) { | ||
this.memberRole = memberRole; | ||
this.memberId = memberId; | ||
this.lastAccessTime = LocalDateTime.now(); | ||
} | ||
|
||
public static Session of(MemberRole memberRole, Long memberId) { | ||
return new Session(memberRole, memberId); | ||
} | ||
|
||
public void updateLastAccessTime() { | ||
this.lastAccessTime = LocalDateTime.now(); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
43 changes: 43 additions & 0 deletions
43
src/main/java/com/programmers/ticketparis/auth/mvc/interceptor/AuthorizationInterceptor.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
package com.programmers.ticketparis.auth.mvc.interceptor; | ||
|
||
import org.springframework.web.servlet.HandlerInterceptor; | ||
|
||
import com.programmers.ticketparis.auth.exception.AuthException; | ||
import com.programmers.ticketparis.auth.util.SessionThreadLocal; | ||
import com.programmers.ticketparis.auth.util.UrlToMemberRuleMatcher; | ||
import com.programmers.ticketparis.common.exception.ExceptionRule; | ||
import com.programmers.ticketparis.member.enums.MemberRole; | ||
|
||
import jakarta.servlet.http.HttpServletRequest; | ||
import jakarta.servlet.http.HttpServletResponse; | ||
import lombok.RequiredArgsConstructor; | ||
|
||
@RequiredArgsConstructor | ||
public class AuthorizationInterceptor implements HandlerInterceptor { | ||
|
||
private final UrlToMemberRuleMatcher urlToMemberRuleMatcher; | ||
|
||
//인증은 필터에서 끝났음. 인가 처리. ThreadLocal에는 무조건 멤버 정보가 있는 상황. | ||
//Config에서 매쳐에 등록한 URL만 인가 검사하도록 처리, 등록 안 했으면 다 통과되도록 | ||
@Override | ||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws | ||
Exception { | ||
if (request.getMethod().equalsIgnoreCase("GET")) { | ||
return true; | ||
} | ||
|
||
String requestURI = request.getRequestURI(); | ||
MemberRole requestMemberRole = SessionThreadLocal.getSessionValueDto().getMemberRole(); | ||
if (!urlToMemberRuleMatcher.isMatch(requestURI, requestMemberRole)) { | ||
throw new AuthException(ExceptionRule.AUTHORIZATION_FAILED); | ||
} | ||
|
||
return true; | ||
} | ||
|
||
@Override | ||
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, | ||
Exception ex) throws Exception { | ||
SessionThreadLocal.clear(); | ||
} | ||
} |
11 changes: 4 additions & 7 deletions
11
src/main/java/com/programmers/ticketparis/auth/repository/SessionRepository.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
src/main/java/com/programmers/ticketparis/auth/service/SessionExpiryScheduler.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
package com.programmers.ticketparis.auth.service; | ||
|
||
import java.time.Duration; | ||
import java.time.LocalDateTime; | ||
|
||
import org.springframework.scheduling.annotation.Scheduled; | ||
import org.springframework.stereotype.Component; | ||
|
||
import com.programmers.ticketparis.auth.repository.localCashSessionRepository; | ||
|
||
import lombok.RequiredArgsConstructor; | ||
|
||
@Component | ||
@RequiredArgsConstructor | ||
public class SessionExpiryScheduler { | ||
|
||
private final localCashSessionRepository sessionRepository; | ||
|
||
@Scheduled(cron = "0 * * * * *") // 매 분마다 실행(정확히 0초가 될 때마다 실행되는 방식) | ||
public void expireSessions() { | ||
LocalDateTime now = LocalDateTime.now(); | ||
sessionRepository.getSessionLocalCash().values().removeIf | ||
( | ||
session -> Duration.between(session.getLastAccessTime(), now).toMinutes() > 30 | ||
); | ||
} | ||
} |
20 changes: 20 additions & 0 deletions
20
src/main/java/com/programmers/ticketparis/auth/util/SessionThreadLocal.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package com.programmers.ticketparis.auth.util; | ||
|
||
import com.programmers.ticketparis.auth.dto.Session; | ||
|
||
public class SessionThreadLocal { | ||
|
||
private static final ThreadLocal<Session> sessionValueThreadLocal = new ThreadLocal<>(); | ||
|
||
public static Session getSessionValueDto() { | ||
return sessionValueThreadLocal.get(); | ||
} | ||
|
||
public static void setSessionValueDto(Session loggedInMemberInfo) { | ||
sessionValueThreadLocal.set(loggedInMemberInfo); | ||
} | ||
|
||
public static void clear() { | ||
sessionValueThreadLocal.remove(); | ||
} | ||
} |
Oops, something went wrong.