[Fix] 유저 권한 관련 문제 해결, ID/PW sign 엔드 포인트 수정 (#290)

m-a-king · web-flow · commit ab96bfb2d82f · 2025-01-09T05:35:07.000+09:00
* fix: userRole 문제 해결

* fix: sign 엔드 포인트 수정

- 필터에만 적용시키고 스웨거 api에는 올바르게 적용하지 않았기에 수정.
diff --git a/src/main/java/com/somemore/global/auth/controller/SignController.java b/src/main/java/com/somemore/global/auth/controller/SignController.java
@@ -14,7 +14,7 @@
 
 @RestController
 @RequiredArgsConstructor
-@RequestMapping("/api/center")
+@RequestMapping("/api")
 @Tag(name = "Sign API", description = "ID,PW 로그인, 로그아웃")
 public class SignController {
 
@@ -30,7 +30,7 @@ public class SignController {
      *
      * 실제 로그인 절차는 필터에서 처리됩니다.
      */
-    @PostMapping("/sign-in")
+    @PostMapping("/sign-in/id-pw")
     public ApiResponse<String> signIn(
             @RequestParam SignRequestDto signRequestDto
     ) {
diff --git a/src/main/java/com/somemore/global/auth/idpw/filter/IdPwAuthFilter.java b/src/main/java/com/somemore/global/auth/idpw/filter/IdPwAuthFilter.java
@@ -44,18 +44,24 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
     @Override
     protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) {
         response.setStatus(HttpServletResponse.SC_OK);
+        String userId = authResult.getName();
+        String role = extractRole(authResult);
         EncodedToken accessToken =
                 generateTokensOnLoginUseCase.saveRefreshTokenAndReturnAccessToken(
-                        UUID.fromString(authResult.getName()),
-                        UserRole.from(authResult.getAuthorities().stream()
-                                .findFirst()
-                                .map(GrantedAuthority::getAuthority)
-                                .orElseThrow(() -> new IllegalStateException("유저 권한 자체가 존재하지 않습니다."))));
+                        UUID.fromString(userId),
+                        UserRole.from(role));
 
         response.setHeader("Authorization", accessToken.getValueWithPrefix());
         // cookieUseCase.setAccessToken(response, accessToken.value());
     }
 
+    private static String extractRole(Authentication authResult) {
+        return authResult.getAuthorities().stream()
+                .findFirst()
+                .map(GrantedAuthority::getAuthority)
+                .orElseThrow(() -> new IllegalStateException("유저 권한 자체가 존재하지 않습니다."));
+    }
+
     @Override
     protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException {
         ProblemDetail problemDetail = buildUnauthorizedProblemDetail(failed);
diff --git a/src/main/java/com/somemore/user/domain/UserRole.java b/src/main/java/com/somemore/user/domain/UserRole.java
@@ -24,7 +24,7 @@ public static UserRole getOAuthUserDefaultRole() {
 
     public static UserRole from(String role) {
         for (UserRole userRole : values()) {
-            if (userRole.name().equals(role)) {
+            if (role.contains(userRole.name())) {
                 return userRole;
             }
         }

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ public static UserRole getOAuthUserDefaultRole() {`
`24`	`24`
`25`	`25`	`public static UserRole from(String role) {`
`26`	`26`	`for (UserRole userRole : values()) {`
`27`		`- if (userRole.name().equals(role)) {`
	`27`	`+ if (role.contains(userRole.name())) {`
`28`	`28`	`return userRole;`
`29`	`29`	`}`
`30`	`30`	`}`