diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 1c8258e..8ee7c6e 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -27,13 +27,13 @@ jobs:
 - name: Build with Gradle
 run: ./gradlew bootJar
- - name: Docker build & push to prod
+ - name: Build Docker image and push
 run: |
 docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
 docker build -f Dockerfile -t ${{ secrets.DOCKER_USERNAME }}/sopo_v2 .
 docker push ${{ secrets.DOCKER_USERNAME }}/sopo_v2
- - name: Deploy to prod
+ - name: Deploy to Production
 uses: appleboy/ssh-action@master
 id: deploy-prod
 with:
@@ -43,16 +43,24 @@ jobs:
 port: ${{ secrets.PORT }} #ssh port (22)
 envs: GITHUB_SHA
 script: |
- docker stop sopo_v2
- docker rm sopo_v2
- docker rmi ${{ secrets.DOCKER_USERNAME }}/sopo_v2
+ docker stop sopo_v2 || true
+ docker rm sopo_v2 || true
+ docker rmi ${{ secrets.DOCKER_USERNAME }}/sopo_v2 || true
 docker pull ${{ secrets.DOCKER_USERNAME }}/sopo_v2
 docker run -d -p 8080:8080 --name sopo_v2 ${{ secrets.DOCKER_USERNAME }}/sopo_v2
-
- sudo docker pull redis:latest
- sudo docker run -d --name redis -p 6379:6379 --network redis-network redis:latest
- sudo docker rm -f alimo_redis alimo_app
- docker rmi ${{ secrets.DOCKER_USERNAME }}/alimo:latest
+
+ docker stop redis || true
+ docker rm redis || true
+ docker rmi redis || true
+ docker pull redis:latest
+ docker run -d --name redis -p 6379:6379 redis:latest
+
+ docker stop alimo_redis || true
+ docker rm alimo_redis || true
 docker pull ${{ secrets.DOCKER_USERNAME }}/alimo:latest
- sudo docker run -d --name alimo_redis_new redis:latest
+ docker run -d --name alimo_redis -p 6379:6379 redis:latest
+
+ docker stop alimo || true
+ docker rm alimo || true
+ docker rmi ${{ secrets.DOCKER_USERNAME }}/alimo:latest || true
 docker run -d -p 80:8080 --name alimo ${{ secrets.DOCKER_USERNAME }}/alimo:latest
\ No newline at end of file
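Review bot: In the deploy `script`, both Redis containers are published on host port 6379 (`docker run -d --name redis -p 6379:6379 redis:latest` and `docker run -d --name alimo_redis -p 6379:6379 redis:latest`), so the second `docker run` cannot bind the port while the first is up, and the first publishes Redis on every host interface with no password configured. Unless a host-level firewall is known to cover this port, keep Redis off the public interface: `docker run -d --name redis --network redis-network redis:latest` with no `-p`, or `-p 127.0.0.1:6379:6379` if a host-local client needs it, and give `alimo_redis` a different port or none. Pinning the image to a fixed tag or digest instead of `redis:latest` would make the deployed version reproducible. The added `|| true` suits the stop/rm/rmi lines, but as far as the hunk shows a failing `docker pull` or `docker run` in the middle of the script does not stop it, so a comment or an explicit check after each `docker run` would help.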
diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/dto/res/TokenRes.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/dto/res/TokenRes.java
index ec2f159..b33254c 100644
--- a/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/dto/res/TokenRes.java
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/dto/res/TokenRes.java
@@ -1,5 +1,8 @@
 package kr.hs.dgsw.SOPO_server_v2.domain.auth.dto.res;
+import lombok.Builder;
+
+@Builder
 public record TokenRes(
 String accessToken,
 String refreshToken
diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/service/AuthService.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/service/AuthService.java
index 1c50ea4..a4be6f6 100644
--- a/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/service/AuthService.java
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/auth/service/AuthService.java
@@ -35,7 +35,6 @@
 @Component
 @RequiredArgsConstructor
 public class AuthService {
- private final AuthenticationManager authenticationManager;
 private final JwtProvider jwtProvider;
 private final AuthEmailService authEmailService;
 private final MemberRepository memberRepository;
@@ -78,13 +77,9 @@ public ResponseData signIn(SignInReq signInReq){
 throw WrongPasswordException.EXCEPTION;
 }
- Authentication authenticate = authenticationManager.authenticate(
- new UsernamePasswordAuthenticationToken(signInReq.memberId(), signInReq.memberPassword()));
-
- MemberEntity member = ((CustomMemberDetails) authenticate.getPrincipal()).member();
 return ResponseData.of(HttpStatus.OK, "로그인 성공", JsonWebTokenResponse.builder()
- .accessToken(jwtProvider.generateAccessToken(member.getMemberId(), member.getMemberState()))
- .refreshToken(jwtProvider.generateRefreshToken(member.getMemberId(), member.getMemberState()))
+ .accessToken(jwtProvider.generateAccessToken(memberEntity.getMemberId(), memberEntity.getMemberState()))
+ .refreshToken(jwtProvider.generateRefreshToken(memberEntity.getMemberId(), memberEntity.getMemberState()))
 .build());
 }
diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/member/enums/MemberState.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/member/enums/MemberState.java
index d2acd90..fc96fd8 100644
--- a/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/member/enums/MemberState.java
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/domain/member/enums/MemberState.java
@@ -6,7 +6,7 @@
 @Getter
 @RequiredArgsConstructor
 public enum MemberState {
- ACTIVE("STATE_ACTIVE"),
- DELETED("STAVE_DELETED");
+ ACTIVE("ROLE_ACTIVE"),
+ DELETED("ROLE_DELETED");
 private final String key;
 }
diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java
index 553f790..09062bb 100644
--- a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java
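Review bot: In the `AuthService` hunk, `signIn` now mints both tokens straight from `memberEntity` once the password comparison passes, and nothing visible checks `memberEntity.getMemberState()` first, so an account in state `DELETED` would receive a valid access and refresh token carrying `ROLE_DELETED`. The removed `authenticationManager.authenticate(...)` call was the only other gate on this path, and whatever account checks it applied are gone with it. Before the `return`, add a guard such as `if (memberEntity.getMemberState() != MemberState.ACTIVE) { throw <existing account-state exception>; }`. The start of `signIn` is outside the hunk, so if the state is already checked where `memberEntity` is loaded, a short comment saying so above the `return` is enough.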
@@ -32,10 +32,8 @@
 @EnableWebSecurity
 @RequiredArgsConstructor
 public class SecurityConfig {
- private final MemberDetailsService memberDetailsService;
 private final JwtFilter jwtFilter;
 private final JwtExceptionFilter jwtExceptionFilter;
- private final PasswordEncoder passwordEncoder;
 @Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
@@ -56,16 +54,16 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .requestMatchers("/auth/**").permitAll()
 .requestMatchers("/email/**").permitAll()
 .requestMatchers("/re_provide/**").permitAll()
- .requestMatchers("/file/**").hasRole("ACTIVE")
- .requestMatchers("/board/**").hasRole("ACTIVE")
- .requestMatchers("/contest/**").hasRole("ACTIVE")
- .requestMatchers("/like/**").hasRole("ACTIVE")
+ .requestMatchers("/file/**").hasAuthority("ROLE_ACTIVE")
+ .requestMatchers("/board/**").hasAuthority("ROLE_ACTIVE")
+ .requestMatchers("/contest/**").hasAuthority("ROLE_ACTIVE")
+ .requestMatchers("/like/**").hasAuthority("ROLE_ACTIVE")
 .anyRequest().authenticated()
 .and()
 .formLogin().disable()
 .exceptionHandling()
 .accessDeniedHandler((req, res, e) -> jwtExceptionFilter.responseToClient(res, ErrorResponse.of(StatusEnum.INVALID_ROLE, "권한이 없습니다")))
- .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.NOT_FOUND));
+ .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.FORBIDDEN));
 return http.build();
 }
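Review bot: In the second hunk, `new HttpStatusEntryPoint(HttpStatus.FORBIDDEN)` answers a request with a missing or expired token with the same status class as a wrong-role request, which the `accessDeniedHandler` just above already reports as `INVALID_ROLE`; the entry point should return 401 so clients know to re-authenticate: `.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))`. Separately, `.anyRequest().authenticated()` admits any valid token on every path not listed, and assuming the JWT filter turns the member state into a granted authority, that includes one carrying `ROLE_DELETED`; `.anyRequest().hasAuthority("ROLE_ACTIVE")` would deny deleted accounts by default. As a style point, the four identical rules can be one call, `.requestMatchers("/file/**", "/board/**", "/contest/**", "/like/**").hasAuthority("ROLE_ACTIVE")`. `filterChain` begins before this hunk.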
@@ -83,17 +81,4 @@ public CorsConfigurationSource corsConfigurationSource() {
 return source;
 }
-
- @Bean
- public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception {
- return configuration.getAuthenticationManager();
- }
-
- @Bean
- public AuthenticationProvider authenticationProvider() {
- DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
- authenticationProvider.setUserDetailsService(memberDetailsService);
- authenticationProvider.setPasswordEncoder(passwordEncoder);
- return authenticationProvider;
- }
 }
\ No newline at end of file
diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/MemberDetailsService.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/MemberDetailsService.java
index 63af7eb..c422145 100644
--- a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/MemberDetailsService.java
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/MemberDetailsService.java
@@ -1,20 +1,21 @@
 package kr.hs.dgsw.SOPO_server_v2.global.infra.security;
+import kr.hs.dgsw.SOPO_server_v2.domain.auth.dto.res.TokenRes;
 import kr.hs.dgsw.SOPO_server_v2.domain.member.entity.MemberEntity;
 import kr.hs.dgsw.SOPO_server_v2.domain.member.repository.MemberRepository;
+import kr.hs.dgsw.SOPO_server_v2.global.infra.jwt.JwtProvider;
 import lombok.RequiredArgsConstructor;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.stereotype.Component;
 @Component
 @RequiredArgsConstructor
-public class MemberDetailsService implements UserDetailsService {
+public class MemberDetailsService {
 private final MemberRepository memberRepository;
+ private final JwtProvider jwtProvider;
- public UserDetails loadUserByUsername(String id) {
+ public TokenRes loadUserByUsername(String id) {
 MemberEntity memberEntity = memberRepository.findByMemberId(id);
- return CustomMemberDetails.of(memberEntity);
+ return jwtProvider.generateToken(id, memberEntity.getMemberState());
 }
 }
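Review bot: `loadUserByUsername` now dereferences `memberEntity.getMemberState()` without checking the lookup result, so an unknown `id` ends in a `NullPointerException` if `findByMemberId` returns null (its declaration is not visible here), and the method issues a token pair for any `id` with no credential or state check of its own. Add `if (memberEntity == null) { throw <existing member-not-found exception>; }` and reject states other than `MemberState.ACTIVE` before calling `generateToken`. Because the class no longer implements `UserDetailsService`, the name no longer describes what the method does. A name such as `issueTokenFor(String id)`, with a Javadoc line stating that callers must already have authenticated the id, would make the contract explicit to whoever wires it into the token re-issue path.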