[feat] : JWT 인증 필터를 구현하여 사용자 ID를 SecurityContext에 설정 #8

Author: Hyeromon

src/main/java/org/dfbf/soundlink/domain/user/controller/UserController.java

@@ -11,6 +11,7 @@
 import org.dfbf.soundlink.domain.user.dto.request.UserUpdateDto;
 import org.dfbf.soundlink.domain.user.service.UserService;
 import org.dfbf.soundlink.global.exception.ResponseResult;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 
 @RestController
@@ -36,7 +37,7 @@ public ResponseResult checkNickName(@RequestParam String nickName){
 
     @GetMapping
     @Operation(summary = "유저 조회", description = "유저 조회 API")
-    public ResponseResult getUser(/*@AuthenticationPrincipal id: Int*/) { return userService.getUser(1L); }
+    public ResponseResult getUser(@AuthenticationPrincipal Long id) { return userService.getUser(id); }
 
     @PutMapping
     @Operation(summary = "유저 수정", description = "유저 수정 API")

src/main/java/org/dfbf/soundlink/global/auth/CustomUserDetails.java

@@ -0,0 +1,58 @@
+package org.dfbf.soundlink.global.auth;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.List;
+
+public class CustomUserDetails implements UserDetails{
+    private final Long userId;
+
+    public CustomUserDetails(Long userId) {
+        if (userId == null) {
+            throw new IllegalArgumentException("userId cannot be null");
+        }
+        this.userId = userId;
+    }
+
+    public Long getUserId() {
+        return userId;
+    }
+
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return List.of(); //사용자의 권한 정보 반환
+    }
+
+    @Override
+    public String getPassword() {
+        return null;
+    }
+
+    @Override
+    public String getUsername() {
+        return String.valueOf(userId);//로그인할때 ID
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;    //계정 만료 여부(만료 x)
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;    //계정이 잠겨있는지 확인.
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;    //비밀번호 유효기간 확인
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return true;    //계정활성화 여부 확인
+    }
+}

src/main/java/org/dfbf/soundlink/global/auth/JwtAuthenticationFilter.java

@@ -0,0 +1,53 @@
+package org.dfbf.soundlink.global.auth;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@RequiredArgsConstructor
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+    private final JwtProvider jwtProvider;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+    String accessToken = jwtProvider.resolveAccessToken(request);       //1.Access Token 추출
+
+    if(accessToken !=null && jwtProvider.validateToken(accessToken)) {  //2.유효성 검사
+        this.setAuthentication(accessToken);                            //3.유저정보 저장
+        }
+    filterChain.doFilter(request, response); //필터 체인 진행(전달)
+    }
+
+    //유저정보 저장
+    public void setAuthentication(String token) {
+        Long userId = jwtProvider.getUserId(token); //userId 추출
+
+        // 로그 추가
+        System.out.println("Extracted User ID: " + userId);
+
+        if (userId == null) {
+            throw new IllegalArgumentException("userId cannot be null");
+        }
+
+        CustomUserDetails userDetails = new CustomUserDetails(userId);
+
+        // 로그 추가
+        System.out.println("Created CustomUserDetails: " + userDetails);
+
+        // 인증토큰 생성
+        UsernamePasswordAuthenticationToken authentication =
+                new UsernamePasswordAuthenticationToken(userId, null, userDetails.getAuthorities());
+
+        // 인증정보 설정
+        System.out.println("Setting authentication with user ID: " + userId); // 로그 추가
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+    }
+
+}

src/main/java/org/dfbf/soundlink/global/auth/JwtProvider.java

@@ -98,4 +98,14 @@ public String resolveRefreshToken(HttpServletRequest request) {
         return null;
     }
 
+    // 토큰에서 id 반환
+    public Long getUserId(String token){
+        return Long.parseLong(Jwts.parserBuilder()
+                .setSigningKey(SECRET_KEY)
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .getSubject());
+    }
+
 }

src/main/java/org/dfbf/soundlink/global/config/SecurityConfig.java

@@ -1,6 +1,8 @@
 package org.dfbf.soundlink.global.config;
 
 import lombok.RequiredArgsConstructor;
+import org.dfbf.soundlink.global.auth.JwtAuthenticationFilter;
+import org.dfbf.soundlink.global.auth.JwtProvider;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -15,6 +17,8 @@
 @EnableWebSecurity
 @RequiredArgsConstructor
 public class SecurityConfig {
+    private final JwtProvider jwtProvider;
+
     @Bean
     public BCryptPasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
@@ -31,7 +35,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
 //                        .requestMatchers("/").permitAll()
 //                        .anyRequest().authenticated()
                                 .anyRequest().permitAll()
-                );
+                )
+                // JwtAuthenticationFilter 추가
+                .addFilterBefore(new JwtAuthenticationFilter(jwtProvider), UsernamePasswordAuthenticationFilter.class);
 
         return http.build();
     }