refactor : 세션은 컨트롤러에서만 사용으로 리팩토링

DOEKYONG · Apr 17, 2023 · 4d8537a · 4d8537a
1 parent 5a62ee2
commit 4d8537a
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 16 deletions.
diff --git a/src/main/java/kr/codesqaud/cafe/controller/ArticleController.java b/src/main/java/kr/codesqaud/cafe/controller/ArticleController.java
@@ -2,6 +2,7 @@
 
 import kr.codesqaud.cafe.domain.article.Article;
 import kr.codesqaud.cafe.dto.ArticleFormDto;
+import kr.codesqaud.cafe.dto.LoginSessionDto;
 import kr.codesqaud.cafe.service.ArticleService;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -21,7 +22,8 @@ public ArticleController(ArticleService articleService) {
 
     @GetMapping("/article/question")
     public String getWriteForm(HttpSession session) {
-        articleService.checkLogin(session);
+        LoginSessionDto sessionDto = (LoginSessionDto) session.getAttribute("sessionId");
+        articleService.checkLogin(sessionDto);
         return "qna/form";
     }
 
@@ -33,10 +35,11 @@ public String postQuestion(@Valid @ModelAttribute ArticleFormDto articleFormDto,
 
     @GetMapping("/article/show/{index}")
     public String getShow(@PathVariable int index, Model model, HttpSession session) {
-        articleService.checkLogin(session);
+        LoginSessionDto sessionDto = (LoginSessionDto) session.getAttribute("sessionId");
+        articleService.checkLogin(sessionDto);
         Article article = articleService.findByIdx(index);
         model.addAttribute("article", article);
-        model.addAttribute("auth", articleService.checkIdentity(article.getUserId(), session));
+        model.addAttribute("auth", articleService.checkIdentity(article.getUserId(), sessionDto.getId()));
         return "qna/show";
     }
 
@@ -49,7 +52,8 @@ public String getIndex(Model model) {
     @GetMapping("/article/update/{index}")
     public String getUpdatePage(@PathVariable int index, Model model, HttpSession session) {
         Article article = articleService.findByIdx(index);
-        articleService.checkAuth(article.getUserId(), session);
+        LoginSessionDto sessionDto = (LoginSessionDto) session.getAttribute("sessionId");
+        articleService.checkAuth(article.getUserId(), sessionDto);
         model.addAttribute("setTitle", article.getTitle());
         model.addAttribute("setContent", article.getContents());
         model.addAttribute("index", index);

diff --git a/src/main/java/kr/codesqaud/cafe/controller/UserController.java b/src/main/java/kr/codesqaud/cafe/controller/UserController.java
@@ -52,7 +52,8 @@ public String getProfile(@PathVariable String id, Model model) {
 
     @GetMapping("/update/{id}")
     public String getUpdateForm(@PathVariable String id, Model model, HttpSession session) {
-        userService.updateAccess(id, session);
+        LoginSessionDto sessionDto = (LoginSessionDto) session.getAttribute("sessionId");
+        userService.updateAccess(id, sessionDto);
         User user = userService.findById(id);
         model.addAttribute("user", user);
         return "user/update_form";

diff --git a/src/main/java/kr/codesqaud/cafe/service/ArticleService.java b/src/main/java/kr/codesqaud/cafe/service/ArticleService.java
@@ -32,21 +32,21 @@ public boolean writeArticle(ArticleFormDto dto, HttpSession session) {
         return true;
     }
 
-    public boolean checkLogin(HttpSession session) {
-        if (session.getAttribute("sessionId") == null) {
+    public boolean checkLogin(LoginSessionDto dto) {
+        if (dto == null) {
             throw new DeniedAccessException("로그인 한 유저만 접근가능.");
         }
         return true;
     }
 
-    public boolean checkIdentity(String id, HttpSession session) { // 머스테치에서 버튼 숨기기 위해 반환값이 필요했음
-        LoginSessionDto userSession = (LoginSessionDto) session.getAttribute("sessionId");
-        return id.equals(userSession.getId());
+    public boolean checkIdentity(String id, String sessionId) { // 머스테치에서 버튼 숨기기 위해 반환값이 필요했음
+
+        return id.equals(sessionId);
     }
 
-    public boolean checkAuth(String id, HttpSession session) {
-        if (checkLogin(session) && checkIdentity(id, session)) {
-            return checkIdentity(id, session);
+    public boolean checkAuth(String id, LoginSessionDto sessionDto) {
+        if (checkLogin(sessionDto) && checkIdentity(id, sessionDto.getId())) {
+            return checkIdentity(id, sessionDto.getId());
         }
         throw new DeniedAccessException("작성자만 수정 가능합니다.");
     }

diff --git a/src/main/java/kr/codesqaud/cafe/service/UserService.java b/src/main/java/kr/codesqaud/cafe/service/UserService.java
@@ -50,9 +50,8 @@ public boolean login(User loginUser, String password) {
         return true;
     }
 
-    public boolean updateAccess(String id, HttpSession session) {
-        LoginSessionDto userSession = (LoginSessionDto) session.getAttribute("sessionId");
-        if (userSession == null || !id.equals(userSession.getId())) {
+    public boolean updateAccess(String id, LoginSessionDto sessionId) {
+        if (sessionId == null || !id.equals(sessionId.getId())) {
             throw new DeniedAccessException("수정 권한 없습니다.");
         }
         return true;