jwt 소스 추가

2025-12-03 18:47:45 +09:00
parent c3c484442e
commit 7884416e75
33 changed files with 738 additions and 681 deletions
--- a/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
@@ -1,5 +1,6 @@
 package com.kamco.cd.kamcoback.config;

+import com.kamco.cd.kamcoback.common.exception.CustomApiException;
 import com.kamco.cd.kamcoback.config.api.ApiLogFunction;
 import com.kamco.cd.kamcoback.config.api.ApiResponseDto;
 import com.kamco.cd.kamcoback.config.api.ApiResponseDto.ApiResponseCode;
@@ -19,6 +20,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.annotation.Order;
 import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.http.converter.HttpMessageNotReadableException;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -366,4 +368,25 @@ public class GlobalExceptionHandler {

    return errorLogRepository.save(errorLogEntity);
  }
+
+  @ExceptionHandler(CustomApiException.class)
+  public ResponseEntity<ApiResponseDto<String>> handleCustomApiException(
+      CustomApiException e, HttpServletRequest request) {
+    log.warn("[CustomApiException] resource : {}", e.getMessage());
+
+    String codeName = e.getCodeName();
+    HttpStatus status = e.getStatus();
+    String message = e.getMessage() == null ? ApiResponseCode.getMessage(codeName) : e.getMessage();
+
+    ApiResponseCode apiCode = ApiResponseCode.getCode(codeName);
+
+    ErrorLogEntity errorLog =
+        saveErrerLogData(
+            request, apiCode, status, ErrorLogDto.LogErrorLevel.WARNING, e.getStackTrace());
+
+    ApiResponseDto<String> body =
+        ApiResponseDto.createException(apiCode, message, status, errorLog.getId());
+
+    return new ResponseEntity<>(body, status);
+  }
 }
--- a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
@@ -0,0 +1,53 @@
+package com.kamco.cd.kamcoback.config;
+
+import com.kamco.cd.kamcoback.auth.CustomAuthenticationProvider;
+import com.kamco.cd.kamcoback.auth.JwtAuthenticationFilter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+  private final JwtAuthenticationFilter jwtAuthenticationFilter;
+  private final CustomAuthenticationProvider customAuthenticationProvider;
+
+  @Bean
+  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+    http.csrf(csrf -> csrf.disable())
+        .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+        .formLogin(form -> form.disable())
+        .httpBasic(basic -> basic.disable())
+        .logout(logout -> logout.disable())
+        // 🔥 여기서 우리가 만든 CustomAuthenticationProvider 하나만 등록
+        .authenticationProvider(customAuthenticationProvider)
+        .authorizeHttpRequests(
+            auth ->
+                auth.requestMatchers(
+                        "/api/auth/signin",
+                        "/api/auth/refresh",
+                        "/swagger-ui/**",
+                        "/v3/api-docs/**")
+                    .permitAll()
+                    .anyRequest()
+                    .authenticated())
+        .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+
+    return http.build();
+  }
+
+  @Bean
+  public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration)
+      throws Exception {
+    return configuration.getAuthenticationManager();
+  }
+}
--- a/src/main/java/com/kamco/cd/kamcoback/config/api/ApiResponseDto.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/api/ApiResponseDto.java
@@ -134,7 +134,7 @@ public class ApiResponseDto<T> {
    FAIL_VERIFICATION("인증에 실패하였습니다."),
    INVALID_EMAIL("잘못된 형식의 이메일입니다."),
    REQUIRED_EMAIL("이메일은 필수 항목입니다."),
-    WRONG_PASSWORD("잘못된 패스워드입니다.."),
+    WRONG_PASSWORD("잘못된 패스워드입니다."),
    DUPLICATE_EMAIL("이미 가입된 이메일입니다."),
    DUPLICATE_DATA("이미 등록되어 있습니다."),
    DATA_INTEGRITY_ERROR("데이터 무결성이 위반되어 요청을 처리할수 없습니다."),