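This repo is for studying and organizing notes on JWT, Spring Security, Redis, etc.
- Set and inspect cookies with Postman
- Store, look up, and delete the refreshToken in Redis
- Issue, validate, and extract information from the AccessToken using JWT
- Implement logout using the RefreshToken
These are the libraries and dependency files used by the program.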
.
├── .gradle
├── .idea
├── build
├── gradle
├── out
├── src
│ ├── main
│ ├── test
├── LICENSE
├── README.md
├── build.gradle
├── gradlew
├── gradlew.bat
└── settings.gradle
- Clone the repo
git clone https://github.com/yongjun-hong/Jwt_springSecurity.git
Success
RequestBody
{
"email":"[email protected]",
"name" : "kevin",
"password" : "1234"
}
ResponseBody
{
"code": 200,
"message": "회원 가입 성공",
"data": {
"id": 3,
"name": "kevin",
"email": "[email protected]",
"roles": [
"ROLE_USER"
],
"enabled": true,
"password": "$2a$10$HRHe9./bnjCH6Aby3o/.MOEcOJnC7BDjsmPbyJ4yE9TIl5B5jzDBy",
"username": "[email protected]",
"authorities": [
{
"authority": "ROLE_USER"
}
],
"accountNonLocked": true,
"credentialsNonExpired": true,
"accountNonExpired": true
}
}
Fail
RequestBody
{
"email":"[email protected]", -> duplicate email
"name" : "kevin",
"password" : "1234"
}
ResponseBody
{
"code": 409,
"message": "이미 사용 중인 이메일입니다.",
"data": null
}
Success
RequestBody
{
"email":"[email protected]",
"password" : "1234"
}
ResponseBody
refreshToken=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJrZXZpbjA5MjhAbmF2ZXIuY29tIiwicm9sZXMiOlsiUk9MRV9VU0VSIl0sIkFVVEhPUklUSUVTX0tFWSI6WyJST0xFX1VTRVIiXSwiaWF0IjoxNjg2MjMwMDU3LCJleHAiOjE2ODY0NDYwNTd9.ZceFy6-XgStt5B8xI1Gz258KTAaSOrNyqFrtDtjEVD0;
Path=/; Max-Age=3600000; Expires=Thu, 20 Jul 2023 05:14:19 GMT; Secure; HttpOnly; SameSite=None
{
"code": 200,
"message": "로그인 성공",
"token": null,
"expireTimeMs": null
}
Fail (Email-Error)
RequestBody
{
"email":"[email protected]", -> wrong email
"password" : "1234"
}
ResponseBody
{
"code": 401,
"message": "이메일을 잘못 입력하셨습니다.",
"token": null,
"expireTimeMs": null
}
Fail (Password-Error)
RequestBody
{
"email":"[email protected]",
"password" : "1234" -> wrong password
}
ResponseBody
{
"code": 403,
"message": "비밀번호를 잘못 입력하셨습니다.",
"token": null,
"expireTimeMs": null
}
Success
ResponseBody
{
"code": 200,
"message": "회원 인증 성공",
"token": null,
"name": "kevin",
"email": "[email protected]"
}
Fail
ResponseBody
{
"code": 401,
"message": "회원 인증 실패",
"token": null,
"name": null,
"email": null
}
Success
ResponseBody
{
"code": 200,
"message": "토큰 재발급 성공",
"token": null,
"expireTimeMs": null
}
Fail
ResponseBody
{
"code": 400,
"message": "토큰 재발급 실패",
"token": null,
"expireTimeMs": null
}
Success
RequestBody
{
"currentPassword" : "124",
"newPassword" : "1234"
}
ResponseBody
{
"code": 200,
"message": "비밀번호 변경 완료",
"data": "124"
}
Fail
RequestBody
{
"currentPassword" : "123", -> wrong password
"newPassword" : "1234"
}
ResponseBody
{
"code": 600,
"message": "비밀번호를 잘못 입력하셨습니다.",
"data": null
}
RequestBody
{
"email":"[email protected]", -> wrong email
"password" : "1234"
}
ResponseBody
{
"currentPassword" : "1234", // same password
"newPassword" : "1234"
}
- TDL
- Task 1 Implement RefreshToken
- Task 2 Reissue the AccessToken using the RefreshToken
- Task 4 Separate Service and impl
- Task 3 API specification
- Task 4 Front-end and server communication
MIT License
Copyright (c) 2023 My-Rolling-paper
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.