feat:ãJwtHandshakeInterceptor 구현

Author: beekeeper24

src/main/kotlin/com/back/koreaTravelGuide/common/config/websocket/JwtHandshakeInterceptor.kt

@@ -0,0 +1,55 @@
+package com.back.koreaTravelGuide.common.config.websocket
+
+import com.back.koreaTravelGuide.common.util.JwtUtil
+import org.springframework.http.HttpMethod
+import org.springframework.http.server.ServerHttpRequest
+import org.springframework.http.server.ServerHttpResponse
+import org.springframework.stereotype.Component
+import org.springframework.web.socket.WebSocketHandler
+import org.springframework.web.socket.server.HandshakeInterceptor
+import org.springframework.web.util.UriComponentsBuilder
+import java.lang.Exception
+import java.net.URI
+
+@Component
+class JwtHandshakeInterceptor : HandshakeInterceptor {
+    override fun beforeHandshake(
+        request: ServerHttpRequest,
+        response: ServerHttpResponse,
+        wsHandler: WebSocketHandler,
+        attributes: MutableMap<String, Any>,
+    ): Boolean {
+        val uri: URI = request.uri
+        val method = request.method
+
+        // ✅ SockJS 호환을 위한 임시 우회 (브라우저 테스트용)
+        // - SockJS는 /info 요청을 토큰 없이 보냄
+        // - 추후 순수 WebSocket 전환 시 제거 예정
+        if (HttpMethod.OPTIONS == method || uri.path.endsWith("/info")) {
+            return true
+        }
+
+        val token =
+            UriComponentsBuilder.fromUri(request.uri)
+                .build()
+                .queryParams
+                .getFirst("token")
+                ?: return false // 토큰 없으면 연결 거부
+
+        return if (JwtUtil.validateToken(token)) {
+            val userId = JwtUtil.getUserIdFromToken(token)
+            attributes["userId"] = userId
+            true
+        } else {
+            false
+        }
+    }
+
+    override fun afterHandshake(
+        request: ServerHttpRequest,
+        response: ServerHttpResponse,
+        wsHandler: WebSocketHandler,
+        exception: Exception?,
+    ) {
+    }
+}

src/main/kotlin/com/back/koreaTravelGuide/common/config/WebSocketConfig.kt renamed to src/main/kotlin/com/back/koreaTravelGuide/common/config/websocket/WebSocketConfig.kt

@@ -1,4 +1,4 @@
-package com.back.koreaTravelGuide.common.config
+package com.back.koreaTravelGuide.common.config.websocket
 
 import org.springframework.context.annotation.Configuration
 import org.springframework.messaging.simp.config.MessageBrokerRegistry
@@ -8,10 +8,12 @@ import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerCo
 
 @Configuration
 @EnableWebSocketMessageBroker
-class WebSocketConfig : WebSocketMessageBrokerConfigurer {
+class WebSocketConfig(
+    private val jwtHandshakeInterceptor: JwtHandshakeInterceptor,
+) : WebSocketMessageBrokerConfigurer {
     override fun registerStompEndpoints(registry: StompEndpointRegistry) {
         registry.addEndpoint("/ws/chat")
-            .addInterceptors(JwtHandsshakeInterceptor) // JWT 체크
+            .addInterceptors(JwtHandshakeInterceptor()) // JWT 체크
             .setAllowedOrigins("*")
             .withSockJS() // 개발 중 호환성
     }

src/main/kotlin/com/back/koreaTravelGuide/common/util/JwtUtil.kt

@@ -0,0 +1,17 @@
+package com.back.koreaTravelGuide.common.util
+
+/*
+ 임시 구현: 테스트 용
+ 토큰이 "test-token"이면 유효하다고 간주
+ 완성 후 이 파일은 삭제 또는 대체
+ */
+object JwtUtil {
+    fun validateToken(token: String?): Boolean {
+        // 테스트용: "test-token"이면 통과
+        return token != null && token == "test-token"
+    }
+
+    fun getUserIdFromToken(token: String): String {
+        return "user123" // 테스트용 고정 사용자 ID
+    }
+}