feat:[kakao-tech-campus-2nd-step3#22]-Add JwtFilter

JWT 로직을 처리할 서블릿 필터 구현. UserDetailsService 부분이 추가 구현사항으로 남아있다.
yooonwodyd · Sep 23, 2024 · 203326b · 203326b
1 parent 817e4ef
commit 203326b
Showing 1 changed file with 54 additions and 0 deletions.
diff --git a/src/main/java/com/helpmeCookies/global/security/JwtAuthenticationFilter.java b/src/main/java/com/helpmeCookies/global/security/JwtAuthenticationFilter.java
@@ -0,0 +1,54 @@
+package com.helpmeCookies.global.security;
+
+import java.io.IOException;
+
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import com.helpmeCookies.global.jwt.JwtProvider;
+import com.helpmeCookies.global.jwt.JwtUser;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@RequiredArgsConstructor
+@Slf4j
+@Component
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+	private final JwtProvider jwtProvider;
+
+	private static final String AUTHORIZATION_HEADER = "Authorization";
+
+	@Override
+	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
+		FilterChain filterChain) throws ServletException, IOException {
+		log.info("JwtAuthenticationFilter");
+		String rawToken;
+
+		// 토큰 추출
+		try {
+			rawToken = jwtProvider.parseHeader(request.getHeader(AUTHORIZATION_HEADER));
+		} catch (Exception e) {
+			filterChain.doFilter(request, response);
+			return;
+		}
+
+		// TODO: UserDetailsService를 통해 사용자 정보를 가져와 인증을 진행한다.
+		if (jwtProvider.validateToken(rawToken, true)) {
+			JwtUser jwtUser = jwtProvider.getJwtUser(rawToken);
+			Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null,
+				jwtUser.getAuthorities());
+			SecurityContextHolder.getContext().setAuthentication(authentication);
+		}
+
+		filterChain.doFilter(request, response);
+	}
+}