From 6c75273aa50c74e890d2058eb8b2c50f875e9e27 Mon Sep 17 00:00:00 2001
From: toychip
Date: Fri, 1 Dec 2023 18:54:37 +0900
Subject: [PATCH] feat: SecurityUtil CurrentMember method (#11)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
현재 사용자의 정보를 가져오는 SecurityUtil, currentMember method 생성
---
 .../TaveShot/global/exception/ErrorType.java | 5 ++--
 .../global/security/jwt/JwtProvider.java | 4 +--
 .../security/oauth2/CustomOauth2User.java | 4 +++
 .../TaveShot/global/util/SecurityUtil.java | 27 +++++++++++++++++++
 4 files changed, 36 insertions(+), 4 deletions(-)
 create mode 100644 src/main/java/com/api/TaveShot/global/util/SecurityUtil.java
diff --git a/src/main/java/com/api/TaveShot/global/exception/ErrorType.java b/src/main/java/com/api/TaveShot/global/exception/ErrorType.java
index 68f64ee..9c96337 100644
--- a/src/main/java/com/api/TaveShot/global/exception/ErrorType.java
+++ b/src/main/java/com/api/TaveShot/global/exception/ErrorType.java
@@ -34,8 +34,9 @@ public enum ErrorType {
 // ------------------------------------------ USER ------------------------------------------
- _USER_NOT_FOUND(NOT_FOUND, "USER_4040", "제공된 토큰으로 사용자를 찾을 수 없습니다.")
-
+ _USER_NOT_FOUND_BY_TOKEN(NOT_FOUND, "USER_4040", "제공된 토큰으로 사용자를 찾을 수 없습니다."),
+ _UNAUTHORIZED(UNAUTHORIZED, "USER_4010", "로그인되지 않은 상태입니다."),
+ _USER_NOT_FOUND_DB(NOT_FOUND, "USER_4041", "존재하지 않는 회원입니다.")
 ;
 private final HttpStatus status;
diff --git a/src/main/java/com/api/TaveShot/global/security/jwt/JwtProvider.java b/src/main/java/com/api/TaveShot/global/security/jwt/JwtProvider.java
index d33e5d7..67d797b 100644
--- a/src/main/java/com/api/TaveShot/global/security/jwt/JwtProvider.java
+++ b/src/main/java/com/api/TaveShot/global/security/jwt/JwtProvider.java
@@ -3,7 +3,7 @@
 import static com.api.TaveShot.global.constant.OauthConstant.ACCESS_TOKEN_VALID_TIME;
 import static com.api.TaveShot.global.exception.ErrorType._JWT_EXPIRED;
 import static com.api.TaveShot.global.exception.ErrorType._JWT_PARSING_ERROR;
-import static com.api.TaveShot.global.exception.ErrorType._USER_NOT_FOUND;
+import static com.api.TaveShot.global.exception.ErrorType._USER_NOT_FOUND_BY_TOKEN;
 import com.api.TaveShot.domain.Member.repository.MemberRepository;
 import com.api.TaveShot.global.exception.ApiException;
@@ -87,7 +87,7 @@ public void getAuthenticationFromToken(final String jwtToken) {
 private void getGitLoginId(final String jwtToken) {
 Long userId = Long.valueOf(getUserIdFromToken(jwtToken));
 memberRepository.findById(userId)
- .orElseThrow(() -> new ApiException(_USER_NOT_FOUND));
+ .orElseThrow(() -> new ApiException(_USER_NOT_FOUND_BY_TOKEN));
 }
 // 토큰에서 유저 아이디 얻기
diff --git a/src/main/java/com/api/TaveShot/global/security/oauth2/CustomOauth2User.java b/src/main/java/com/api/TaveShot/global/security/oauth2/CustomOauth2User.java
index cc28301..50f53c9 100644
--- a/src/main/java/com/api/TaveShot/global/security/oauth2/CustomOauth2User.java
+++ b/src/main/java/com/api/TaveShot/global/security/oauth2/CustomOauth2User.java
@@ -36,4 +36,8 @@ public Collection getAuthorities() {
 public String getName() {
 return member.getGitLoginId();
 }
+
+ public Member getMember() {
+ return this.member;
+ }
 }
diff --git a/src/main/java/com/api/TaveShot/global/util/SecurityUtil.java b/src/main/java/com/api/TaveShot/global/util/SecurityUtil.java
new file mode 100644
index 0000000..c87ed44
--- /dev/null
+++ b/src/main/java/com/api/TaveShot/global/util/SecurityUtil.java
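Review bot: `getMember()` in CustomOauth2User hands callers the same `Member` object that was stored in the principal at login, so every caller shares one mutable instance and sees the member as it was when authentication happened. If `Member` is a JPA entity (its definition is outside this diff), it is detached by the time a later request reads it, so role or status changes made since login are not reflected and lazy associations may fail to load. I would state that on the accessor, e.g. `/** Returns the member captured at authentication time; reload by id before authorization decisions or updates. */`, or expose only the member id and let callers reload.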
@@ -0,0 +1,27 @@
+package com.api.TaveShot.global.util;
+
+import com.api.TaveShot.domain.Member.domain.Member;
+import com.api.TaveShot.global.exception.ApiException;
+import com.api.TaveShot.global.exception.ErrorType;
+import com.api.TaveShot.global.security.oauth2.CustomOauth2User;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+public class SecurityUtil {
+
+ public static Member getCurrentMember() {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+ if (authentication == null || !authentication.isAuthenticated()) {
+ throw new ApiException(ErrorType._UNAUTHORIZED);
+ }
+
+ Object principal = authentication.getPrincipal();
+
+ if (principal instanceof CustomOauth2User) {
+ return ((CustomOauth2User) principal).getMember();
+ }
+
+ throw new ApiException(ErrorType._USER_NOT_FOUND_DB);
+ }
+}
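Review bot: The `isAuthenticated()` guard in `getCurrentMember()` does not stop anonymous requests: with Spring Security's default anonymous filter the context holds an `AnonymousAuthenticationToken`, which reports itself as authenticated and carries a String principal. Such a request falls through both checks and is answered with `_USER_NOT_FOUND_DB` (a 404 "member does not exist") instead of `_UNAUTHORIZED`, although no database lookup took place. The final statement should be `throw new ApiException(ErrorType._UNAUTHORIZED);`, or the guard should add `|| authentication instanceof AnonymousAuthenticationToken`. It is also worth confirming that the authentication JwtProvider builds (outside this hunk) carries a `CustomOauth2User` principal, otherwise token-authenticated calls always take that last branch. As a static-only helper the class would normally be `final` with a private constructor.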