Merge pull request #80 from cosmos-1885/feature/1-branch-account

Feature/1 branch account

build.gradle

@@ -55,8 +55,10 @@ dependencies {
 	implementation 'com.h2database:h2'
 
 	// swagger
-	implementation group: 'io.springfox', name: 'springfox-boot-starter', version: '3.0.0'
-	implementation group: 'io.springfox', name: 'springfox-swagger-ui', version: '3.0.0'
+//	implementation group: 'io.springfox', name: 'springfox-boot-starter', version: '3.0.0'
+//	implementation group: 'io.springfox', name: 'springfox-swagger-ui', version: '3.0.0'
+//	implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.0.2'
+	implementation 'org.springdoc:springdoc-openapi-ui:1.6.9'
 
 	// kargo, ide
 	runtimeOnly 'org.mariadb.jdbc:mariadb-java-client'

src/main/java/com/example/demo/config/errors/ErrorCode.java

@@ -0,0 +1,33 @@
+package com.example.demo.config.errors;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+import static org.springframework.http.HttpStatus.*;
+
+@Getter
+public enum ErrorCode {
+    /**
+     * status: 400
+     */
+    DUPLICATE_EMAIL("동일한 이메일이 존재합니다."),
+    NOT_MATCH_EMAIL("이메일이 일치하지 않습니다."),
+    NOT_MATCH_PASSWORD("비밀번호가 일치하지 않습니다."),
+    INVALID_JWT_SIGNATUE("유효하지 않은 JWT 토큰 서명입니다."),
+    INVALID_JWT_TOKEN("손상된 JWT 토큰입니다."),
+    EXPIRED_JWT_TOKEN("만료된 JWT 토큰입니다."),
+    UNSUPPORTED_JWT_TOKEN("지원하지 않는 JWT 토큰입니다."),
+    ILLEGAL_ARGUMENT_EXCEPTION("JWT 토큰 내의 정보가 없습니다"),
+
+    /**
+     * status: 404
+     */
+    NOT_EXIST_INTEREST("관심사가 존재하지 않습니다."),
+    NOT_EXIST_USER("사용자가 존재하지 않습니다.");
+
+    private final String message;
+
+    ErrorCode(String message) {
+        this.message = message;
+    }
+}

src/main/java/com/example/demo/config/errors/GlobalExceptionHandler.java

@@ -9,33 +9,39 @@
 
 @ControllerAdvice
 public class GlobalExceptionHandler {
-    @ExceptionHandler(Exception400.class)
-    public ResponseEntity<?> badRequest(Exception400 exception) {
-        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(exception.body());
+    @ExceptionHandler(ValidationException.class)
+    public ResponseEntity<?> validationException(ValidationException e) {
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(ApiResponseBuilder.fail(e.getErrorList()));
     }
 
-    @ExceptionHandler(Exception401.class)
-    public ResponseEntity<?> unAuthorized(Exception401 exception) {
-        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(exception.body());
+    @ExceptionHandler(DuplicateEmailException.class)
+    public ResponseEntity<?> duplicatedEmailException(DuplicateEmailException e) {
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(ApiResponseBuilder.error(e.getErrorCode()));
     }
 
-    @ExceptionHandler(Exception403.class)
-    public ResponseEntity<?> forbidden(Exception403 exception) {
-        return ResponseEntity.status(HttpStatus.FORBIDDEN).body(exception.body());
+    @ExceptionHandler(EmailNotMatchException.class)
+    public ResponseEntity<?> emailNotMatchException(EmailNotMatchException e) {
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(ApiResponseBuilder.error(e.getErrorCode()));
     }
 
-    @ExceptionHandler(Exception404.class)
-    public ResponseEntity<?> notFound(Exception404 exception) {
-        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(exception.body());
+    @ExceptionHandler(PasswordNotMatchException.class)
+    public ResponseEntity<?> passwordNotMatchException(PasswordNotMatchException e) {
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(ApiResponseBuilder.error(e.getErrorCode()));
     }
 
-    @ExceptionHandler(Exception500.class)
-    public ResponseEntity<?> serverError(Exception500 exception) {
-        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(exception.body());
+    @ExceptionHandler(InterestNotExistException.class)
+    public ResponseEntity<?> interestNotExistException(InterestNotExistException e) {
+        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(ApiResponseBuilder.error(e.getErrorCode()));
     }
 
-    @ExceptionHandler(Exception.class)
-    public ResponseEntity<?> unknownError(Exception exception) {
-        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(ApiResponseBuilder.error(exception.getMessage()));
+    @ExceptionHandler(UserNotExistException.class)
+    public ResponseEntity<?> userNotExistException(UserNotExistException e) {
+        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(ApiResponseBuilder.error(e.getErrorCode()));
     }
+
+    @ExceptionHandler(JWTTokenException.class)
+    public ResponseEntity<?> jwtTokenException(JWTTokenException e) {
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(ApiResponseBuilder.error(e.getErrorCode()));
+    }
+
 }

src/main/java/com/example/demo/config/errors/GlobalValidationHandler.java

@@ -1,6 +1,7 @@
 package com.example.demo.config.errors;
 
 import com.example.demo.config.errors.exception.Exception400;
+import com.example.demo.config.errors.exception.ValidationException;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Before;
@@ -39,7 +40,7 @@ public void validationAdvice(JoinPoint joinPoint) {
         }
 
         if (!errorList.isEmpty()) {
-            throw new Exception400(errorList, null);
+            throw new ValidationException(errorList);
         }
     }
 }

src/main/java/com/example/demo/config/errors/exception/DuplicateEmailException.java

@@ -0,0 +1,13 @@
+package com.example.demo.config.errors.exception;
+
+import com.example.demo.config.errors.ErrorCode;
+import lombok.Getter;
+
+@Getter
+public class DuplicateEmailException extends RuntimeException {
+    public final ErrorCode errorCode;
+
+    public DuplicateEmailException(ErrorCode errorCode) {
+        this.errorCode = errorCode;
+    }
+}

src/main/java/com/example/demo/config/errors/exception/EmailNotMatchException.java

@@ -0,0 +1,13 @@
+package com.example.demo.config.errors.exception;
+
+import com.example.demo.config.errors.ErrorCode;
+import lombok.Getter;
+
+@Getter
+public class EmailNotMatchException extends RuntimeException {
+    public final ErrorCode errorCode;
+
+    public EmailNotMatchException(ErrorCode errorCode) {
+        this.errorCode = errorCode;
+    }
+}

src/main/java/com/example/demo/config/errors/exception/Exception400.java

@@ -3,7 +3,6 @@
 import com.example.demo.config.utils.ApiResponseBuilder;
 import lombok.Getter;
 
-import java.util.HashMap;
 import java.util.Map;
 
 @Getter
@@ -16,7 +15,7 @@ public Exception400(Map<String, String> errors, String message) {
     }
 
     public ApiResponseBuilder.ApiResponse<?> body(){
-        return ApiResponseBuilder.fail(errors, getMessage());
+        return ApiResponseBuilder.fail(errors);
     }
 }
 

src/main/java/com/example/demo/config/errors/exception/InterestNotExistException.java

@@ -0,0 +1,13 @@
+package com.example.demo.config.errors.exception;
+
+import com.example.demo.config.errors.ErrorCode;
+import lombok.Getter;
+
+@Getter
+public class InterestNotExistException extends RuntimeException {
+    public final ErrorCode errorCode;
+
+    public InterestNotExistException(ErrorCode errorCode) {
+        this.errorCode = errorCode;
+    }
+}

src/main/java/com/example/demo/config/errors/exception/JWTTokenException.java

@@ -0,0 +1,13 @@
+package com.example.demo.config.errors.exception;
+
+import com.example.demo.config.errors.ErrorCode;
+import lombok.Getter;
+
+@Getter
+public class JWTTokenException extends RuntimeException {
+    public final ErrorCode errorCode;
+
+    public JWTTokenException(ErrorCode errorCode) {
+        this.errorCode = errorCode;
+    }
+}

src/main/java/com/example/demo/config/errors/exception/PasswordNotMatchException.java

@@ -0,0 +1,13 @@
+package com.example.demo.config.errors.exception;
+
+import com.example.demo.config.errors.ErrorCode;
+import lombok.Getter;
+
+@Getter
+public class PasswordNotMatchException extends RuntimeException {
+    public final ErrorCode errorCode;
+
+    public PasswordNotMatchException(ErrorCode errorCode) {
+        this.errorCode = errorCode;
+    }
+}

src/main/java/com/example/demo/config/errors/exception/UserNotExistException.java

@@ -0,0 +1,13 @@
+package com.example.demo.config.errors.exception;
+
+import com.example.demo.config.errors.ErrorCode;
+import lombok.Getter;
+
+@Getter
+public class UserNotExistException extends RuntimeException {
+    public final ErrorCode errorCode;
+
+    public UserNotExistException(ErrorCode errorCode) {
+        this.errorCode = errorCode;
+    }
+}

src/main/java/com/example/demo/config/errors/exception/ValidationException.java

@@ -0,0 +1,14 @@
+package com.example.demo.config.errors.exception;
+
+import lombok.Getter;
+
+import java.util.Map;
+
+@Getter
+public class ValidationException extends RuntimeException{
+    public final Map<String, String> errorList;
+
+    public ValidationException(Map<String, String> errorList) {
+        this.errorList = errorList;
+    }
+}

src/main/java/com/example/demo/config/auth/CustomUserDetailService.java → src/main/java/com/example/demo/config/security/CustomUserDetailService.java

@@ -1,9 +1,10 @@
-package com.example.demo.config.auth;
+package com.example.demo.config.security;
 
-import com.example.demo.user.User;
-import com.example.demo.user.UserJPARepository;
+import com.example.demo.config.errors.ErrorCode;
+import com.example.demo.config.errors.exception.UserNotExistException;
+import com.example.demo.user.domain.User;
+import com.example.demo.user.repository.UserJPARepository;
 import lombok.RequiredArgsConstructor;
-import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
@@ -17,14 +18,7 @@ public class CustomUserDetailService implements UserDetailsService {
 
     @Override
     public CustomUserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
-        Optional<User> optionalUser = accountJPARepository.findByEmail(email);
-
-        if (optionalUser.isEmpty()) {
-            return null;
-        }
-        else {
-            User user = optionalUser.get();
-            return new CustomUserDetails(user);
-        }
+        User user = accountJPARepository.findByEmail(email).orElse(null);
+        return new CustomUserDetails(user);
     }
 }

src/main/java/com/example/demo/config/auth/CustomUserDetails.java → src/main/java/com/example/demo/config/security/CustomUserDetails.java

@@ -1,17 +1,15 @@
-package com.example.demo.config.auth;
+package com.example.demo.config.security;
 
-import com.example.demo.user.User;
+import com.example.demo.user.domain.User;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
-import java.util.stream.Collectors;
 
 @Getter
 @RequiredArgsConstructor

src/main/java/com/example/demo/config/jwt/JWTAuthenticationFilter.java → src/main/java/com/example/demo/config/security/JWTAuthenticationFilter.java

@@ -1,12 +1,6 @@
-package com.example.demo.config.jwt;
+package com.example.demo.config.security;
 
-import com.example.demo.user.User;
-import com.example.demo.config.auth.CustomUserDetails;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
@@ -16,9 +10,6 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.util.Arrays;
-import java.util.List;
-import java.util.stream.Collectors;
 
 public class JWTAuthenticationFilter extends BasicAuthenticationFilter {
 

src/main/java/com/example/demo/config/jwt/JWTTokenProvider.java → src/main/java/com/example/demo/config/security/JWTTokenProvider.java

@@ -1,36 +1,35 @@
-package com.example.demo.config.jwt;
+package com.example.demo.config.security;
 
-import com.example.demo.config.auth.CustomUserDetailService;
-import com.example.demo.config.auth.CustomUserDetails;
 import com.example.demo.config.errors.exception.Exception401;
-import com.example.demo.user.User;
-import com.example.demo.refreshToken.RefreshToken;
-import com.example.demo.refreshToken.RefreshTokenJPARepository;
-import com.example.demo.refreshToken.TokenResponse;
-import com.example.demo.user.userInterest.UserInterest;
-import com.example.demo.user.userInterest.UserInterestJPARepository;
+import com.example.demo.config.security.CustomUserDetailService;
+import com.example.demo.config.security.CustomUserDetails;
+import com.example.demo.user.domain.User;
+import com.example.demo.user.dto.TokenResponse;
+import com.example.demo.user.dto.UserResponse;
 import io.jsonwebtoken.*;
 import io.jsonwebtoken.security.SignatureException;
 import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;
 
 import java.util.Date;
 import java.util.List;
-import java.util.Optional;
 
 @RequiredArgsConstructor
 @Component
 public class JWTTokenProvider {
 
     public static final String Header = "Authorization";
     public static final String Token_Prefix = "Bearer ";
-
-    public static final String SecretKey = "a2FrYW8tdGVjaC1jYW1wdXMtcHJvamVjdC1nYXJkZW4tc3ByaW5nLXNlY3VyaXR5LWp3dC10b2tlbi1zZWNyZXQta2V5";
     public static final int AccessTokenValidTime = 1000 * 60 * 5; // 5분
     public static final int RefreshTokenValidTime = 1000 * 60 * 60 * 24 * 7; // 1주일
 
+    @Value("${jwt.SecretKey}")
+    private static String SecretKey;
+
+
     private final CustomUserDetailService userDetailService;
 
     public static TokenResponse.TokenDTO createToken(User user, List<String> userCategoryList) {
@@ -98,6 +97,7 @@ public static boolean validateToken(String token) {
             return true;
         } catch (SignatureException e) {
             System.out.println("Invalid JWT Signature.");
+            throw new Exception401("dkfd");
         } catch (MalformedJwtException e) {
             System.out.println("Invalid JWT Token.");
         } catch (ExpiredJwtException e) {

src/main/java/com/example/demo/config/security/SecurityConfig.java

@@ -2,16 +2,12 @@
 
 import com.example.demo.config.errors.exception.Exception401;
 import com.example.demo.config.errors.exception.Exception403;
-import com.example.demo.config.jwt.JWTAuthenticationFilter;
-import com.example.demo.config.jwt.JWTTokenProvider;
 import com.example.demo.config.utils.FilterResponseUtils;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.ScopeMetadataResolver;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
@@ -76,7 +72,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
 
         // 11. 인증, 권한 필터 설정
         httpSecurity.authorizeRequests(
-                authorize -> authorize.antMatchers("/profiles", "/users/passwordcheck").authenticated()
+                authorize -> authorize.antMatchers("/profiles", "/profiles/simple", "/users/passwordcheck").authenticated()
                         .antMatchers("/admin/**").access("hasRole('ADMIN')")
                         .anyRequest().permitAll()
         );