로그인 시, 접속 IP 대역 확인
This commit is contained in:
@@ -39,10 +39,10 @@ public class ApiLogFunction {
|
|||||||
|
|
||||||
public static String getXFowardedForIp(HttpServletRequest request) {
|
public static String getXFowardedForIp(HttpServletRequest request) {
|
||||||
String ip = request.getHeader("X-Forwarded-For");
|
String ip = request.getHeader("X-Forwarded-For");
|
||||||
if (ip != null) {
|
if (ip != null && !ip.isBlank()) {
|
||||||
ip = ip.split(",")[0].trim();
|
return ip.split(",")[0].trim();
|
||||||
}
|
}
|
||||||
return ip;
|
return request.getRemoteAddr();
|
||||||
}
|
}
|
||||||
|
|
||||||
// 사용자 ID 추출 예시 (Spring Security 기준)
|
// 사용자 ID 추출 예시 (Spring Security 기준)
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import com.kamco.cd.kamcoback.auth.CustomUserDetails;
|
|||||||
import com.kamco.cd.kamcoback.auth.JwtTokenProvider;
|
import com.kamco.cd.kamcoback.auth.JwtTokenProvider;
|
||||||
import com.kamco.cd.kamcoback.auth.RefreshTokenService;
|
import com.kamco.cd.kamcoback.auth.RefreshTokenService;
|
||||||
import com.kamco.cd.kamcoback.common.enums.StatusType;
|
import com.kamco.cd.kamcoback.common.enums.StatusType;
|
||||||
|
import com.kamco.cd.kamcoback.config.api.ApiLogFunction;
|
||||||
import com.kamco.cd.kamcoback.config.api.ApiResponseDto;
|
import com.kamco.cd.kamcoback.config.api.ApiResponseDto;
|
||||||
import com.kamco.cd.kamcoback.members.dto.MembersDto;
|
import com.kamco.cd.kamcoback.members.dto.MembersDto;
|
||||||
import com.kamco.cd.kamcoback.members.dto.SignInRequest;
|
import com.kamco.cd.kamcoback.members.dto.SignInRequest;
|
||||||
@@ -16,11 +17,13 @@ import io.swagger.v3.oas.annotations.media.Schema;
|
|||||||
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
||||||
import io.swagger.v3.oas.annotations.responses.ApiResponses;
|
import io.swagger.v3.oas.annotations.responses.ApiResponses;
|
||||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
import java.nio.file.AccessDeniedException;
|
import java.nio.file.AccessDeniedException;
|
||||||
import java.time.Duration;
|
import java.time.Duration;
|
||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpHeaders;
|
||||||
import org.springframework.http.ResponseCookie;
|
import org.springframework.http.ResponseCookie;
|
||||||
@@ -34,6 +37,7 @@ import org.springframework.web.bind.annotation.RequestBody;
|
|||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
|
|
||||||
|
@Slf4j
|
||||||
@Tag(name = "인증(Auth)", description = "로그인, 토큰 재발급, 로그아웃 API")
|
@Tag(name = "인증(Auth)", description = "로그인, 토큰 재발급, 로그아웃 API")
|
||||||
@RestController
|
@RestController
|
||||||
@RequestMapping("/api/auth")
|
@RequestMapping("/api/auth")
|
||||||
@@ -103,8 +107,13 @@ public class AuthController {
|
|||||||
required = true)
|
required = true)
|
||||||
@RequestBody
|
@RequestBody
|
||||||
SignInRequest request,
|
SignInRequest request,
|
||||||
|
HttpServletRequest servletRequest,
|
||||||
HttpServletResponse response) {
|
HttpServletResponse response) {
|
||||||
|
|
||||||
|
// TODO: 접속 가능한 IP 대역 조회
|
||||||
|
String clientIp = ApiLogFunction.getXFowardedForIp(servletRequest);
|
||||||
|
log.info("####### clientIp: {}", clientIp);
|
||||||
|
|
||||||
// 사용자 상태 조회
|
// 사용자 상태 조회
|
||||||
String status = authService.getUserStatus(request);
|
String status = authService.getUserStatus(request);
|
||||||
Authentication authentication = null;
|
Authentication authentication = null;
|
||||||
|
|||||||
Reference in New Issue
Block a user