[Spring Core] 원태연, 이승용 미션 제출합니다.

build.gradle

@@ -15,7 +15,7 @@ repositories {
 dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
-    implementation 'org.springframework.boot:spring-boot-starter-jdbc'
+    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 
     implementation 'dev.akkinoc.spring.boot:logback-access-spring-boot-starter:4.0.0'
 

src/main/java/roomescape/DataLoader.java

@@ -0,0 +1,24 @@
+package roomescape;
+
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+import roomescape.member.Member;
+import roomescape.member.MemberRepository;
+
+@Profile("default")
+@Component
+public class DataLoader implements CommandLineRunner {
+
+    private final MemberRepository memberRepository;
+
+    public DataLoader(final MemberRepository memberRepository) {
+        this.memberRepository = memberRepository;
+    }
+
+    @Override
+    public void run(final String... args) throws Exception {
+        final Member member1 = memberRepository.save(new Member("어드민", "[email protected]", "password", "ADMIN"));
+        final Member member2 = memberRepository.save(new Member("브라운", "[email protected]", "password", "USER"));
+    }
+}

src/main/java/roomescape/TestDataLoader.java

@@ -0,0 +1,59 @@
+package roomescape;
+
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+import roomescape.member.Member;
+import roomescape.member.MemberRepository;
+import roomescape.reservation.Reservation;
+import roomescape.reservation.ReservationRepository;
+import roomescape.theme.Theme;
+import roomescape.theme.ThemeRepository;
+import roomescape.time.Time;
+import roomescape.time.TimeRepository;
+
+@Profile("test")
+@Component
+public class TestDataLoader implements CommandLineRunner {
+
+    private final MemberRepository memberRepository;
+
+    private final ThemeRepository themeRepository;
+
+    private final TimeRepository timeRepository;
+
+    private final ReservationRepository reservationRepository;
+
+    public TestDataLoader(final MemberRepository memberRepository,
+                          final ThemeRepository themeRepository,
+                          final TimeRepository timeRepository,
+                          final ReservationRepository reservationRepository) {
+        this.memberRepository = memberRepository;
+        this.themeRepository = themeRepository;
+        this.timeRepository = timeRepository;
+        this.reservationRepository = reservationRepository;
+    }
+
+    @Override
+    public void run(final String... args) throws Exception {
+        final Member member1 = memberRepository.save(new Member("어드민", "[email protected]", "password", "ADMIN"));
+        final Member member2 = memberRepository.save(new Member("브라운", "[email protected]", "password", "USER"));
+
+        final Theme theme1 = themeRepository.save(new Theme("테마1", "테마1입니다."));
+        final Theme theme2 = themeRepository.save(new Theme("테마2", "테마2입니다."));
+        final Theme theme3 = themeRepository.save(new Theme("테마3", "테마3입니다."));
+
+        final Time time1 = timeRepository.save(new Time("10:00"));
+        final Time time2 = timeRepository.save(new Time("12:00"));
+        final Time time3 = timeRepository.save(new Time("14:00"));
+        final Time time4 = timeRepository.save(new Time("16:00"));
+        final Time time5 = timeRepository.save(new Time("18:00"));
+        final Time time6 = timeRepository.save(new Time("20:00"));
+
+        reservationRepository.save(new Reservation("어드민", "2024-03-01", time1, theme1, member1));
+        reservationRepository.save(new Reservation("어드민", "2024-03-01", time2, theme2, member1));
+        reservationRepository.save(new Reservation("어드민", "2024-03-01", time3, theme3, member1));
+
+        reservationRepository.save(new Reservation("브라운", "2024-03-01", time4, theme1, member2));
+    }
+}

src/main/java/roomescape/auth/AdminInterceptor.java

@@ -0,0 +1,44 @@
+package roomescape.auth;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.util.Arrays;
+import java.util.Optional;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Component
+public class AdminInterceptor implements HandlerInterceptor {
+
+    private final AuthorizationProvider authorizationProvider;
+
+    public AdminInterceptor(AuthorizationProvider authorizationProvider) {
+        this.authorizationProvider = authorizationProvider;
+    }
+
+    @Override
+    public boolean preHandle(
+            HttpServletRequest request,
+            HttpServletResponse response,
+            Object handler
+    ) {
+        Optional<String> token = Arrays.stream(request.getCookies())
+                .filter(cookie -> cookie.getName().equals("token"))
+                .findFirst()
+                .map(Cookie::getValue);
+        if (token.isEmpty()) {
+            response.setStatus(401);
+            return false;
+        }
+
+        MemberCredential memberCredential = new MemberCredential(token.get());
+        MemberAuthContext memberAuthContext = authorizationProvider.parseCredential(memberCredential);
+        if (!memberAuthContext.role().equalsIgnoreCase("admin")) {
+            response.setStatus(401);
+            return false;
+        }
+
+        return true;
+    }
+}

src/main/java/roomescape/auth/AuthConfig.java

@@ -0,0 +1,16 @@
+package roomescape.auth;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import roomescape.auth.jwt.JwtUtils;
+
+@Configuration
+public class AuthConfig {
+
+    @Bean
+    public JwtUtils jwtUtils(@Value("${roomescape.auth.jwt.secret}") String jwtSecret,
+                             @Value("${roomescape.auth.jwt.expiration}") Long expireMilliseconds) {
+        return new JwtUtils(jwtSecret, expireMilliseconds);
+    }
+}

src/main/java/roomescape/auth/AuthMemberArgumentResolver.java

@@ -0,0 +1,49 @@
+package roomescape.auth;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+import org.springframework.core.MethodParameter;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.context.request.ServletWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+
+@Component
+public class AuthMemberArgumentResolver implements HandlerMethodArgumentResolver {
+
+    private final AuthorizationProvider authorizationProvider;
+
+    public AuthMemberArgumentResolver(AuthorizationProvider authorizationProvider) {
+        this.authorizationProvider = authorizationProvider;
+    }
+
+    @Override
+    public boolean supportsParameter(MethodParameter parameter) {
+        return parameter.hasParameterAnnotation(Authentication.class)
+                && parameter.getParameterType().equals(MemberAuthContext.class);
+    }
+
+    @Override
+    public Object resolveArgument(
+            MethodParameter parameter,
+            ModelAndViewContainer mavContainer,
+            NativeWebRequest webRequest,
+            WebDataBinderFactory binderFactory
+    ) {
+        String token = parseTokenFromNativeRequest((ServletWebRequest) webRequest);
+        MemberCredential memberCredential = new MemberCredential(token);
+        return authorizationProvider.parseCredential(memberCredential);
+    }
+
+    private String parseTokenFromNativeRequest(ServletWebRequest webRequest) {
+        HttpServletRequest httpServletRequest = webRequest.getRequest();
+        return Arrays.stream(httpServletRequest.getCookies())
+                .filter(cookie -> cookie.getName().equals("token"))
+                .findFirst()
+                .map(Cookie::getValue)
+                .orElseThrow(() -> new IllegalArgumentException("로그인이 필요합니다."));
+    }
+}

src/main/java/roomescape/auth/AuthWebConfiguration.java

@@ -0,0 +1,33 @@
+package roomescape.auth;
+
+import java.util.List;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class AuthWebConfiguration implements WebMvcConfigurer {
+
+    private final AuthMemberArgumentResolver authMemberArgumentResolver;
+    private final AdminInterceptor adminInterceptor;
+
+    public AuthWebConfiguration(
+            AuthMemberArgumentResolver authMemberArgumentResolver,
+            AdminInterceptor adminInterceptor
+    ) {
+        this.authMemberArgumentResolver = authMemberArgumentResolver;
+        this.adminInterceptor = adminInterceptor;
+    }
+
+    @Override
+    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
+        resolvers.add(authMemberArgumentResolver);
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(adminInterceptor)
+                .addPathPatterns("/admin");
+    }
+}

src/main/java/roomescape/auth/Authentication.java

@@ -0,0 +1,11 @@
+package roomescape.auth;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.PARAMETER)
+public @interface Authentication {
+}

src/main/java/roomescape/auth/AuthorizationProvider.java

@@ -0,0 +1,8 @@
+package roomescape.auth;
+
+public interface AuthorizationProvider {
+
+    MemberCredential create(MemberAuthContext member);
+
+    MemberAuthContext parseCredential(MemberCredential token);
+}

src/main/java/roomescape/auth/MemberAuthContext.java

@@ -0,0 +1,7 @@
+package roomescape.auth;
+
+public record MemberAuthContext(
+        String name,
+        String role
+) {
+}

src/main/java/roomescape/auth/MemberCredential.java

@@ -0,0 +1,6 @@
+package roomescape.auth;
+
+public record MemberCredential(
+        String authorization
+) {
+}

src/main/java/roomescape/auth/jwt/JwtTokenInfo.java

@@ -0,0 +1,6 @@
+package roomescape.auth.jwt;
+
+public record JwtTokenInfo(
+        String accessToken
+) {
+}

src/main/java/roomescape/auth/jwt/JwtUtils.java

@@ -0,0 +1,52 @@
+package roomescape.auth.jwt;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import java.util.Date;
+import roomescape.auth.AuthorizationProvider;
+import roomescape.auth.MemberAuthContext;
+import roomescape.auth.MemberCredential;
+
+public class JwtUtils implements AuthorizationProvider {
+
+    private static final String USER_NAME = "name";
+    private static final String USER_ROLE = "role";
+
+    private final String jwtSecret;
+    private final Long validityInMilliseconds;
+
+    public JwtUtils(String jwtSecret,
+                    Long expireMilliseconds) {
+        this.jwtSecret = jwtSecret;
+        this.validityInMilliseconds = expireMilliseconds;
+    }
+
+    public MemberCredential create(MemberAuthContext context) {
+        Date now = new Date();
+        Date validity = new Date(now.getTime() + validityInMilliseconds);
+        String tokenValue = Jwts.builder()
+                .claim(USER_NAME, context.name())
+                .claim(USER_ROLE, context.role())
+                .setIssuedAt(now)
+                .setExpiration(validity)
+                .signWith(Keys.hmacShaKeyFor(Decoders.BASE64URL.decode(jwtSecret)))
+                .compact();
+        return new MemberCredential(tokenValue);
+    }
+
+    @Override
+    public MemberAuthContext parseCredential(MemberCredential token) {
+        Claims claims = Jwts.parserBuilder()
+                .setSigningKey(Keys.hmacShaKeyFor(Decoders.BASE64URL.decode(jwtSecret)))
+                .build()
+                .parseClaimsJws(token.authorization())
+                .getBody();
+
+        return new MemberAuthContext(
+                claims.get(USER_NAME, String.class),
+                claims.get(USER_ROLE, String.class)
+        );
+    }
+}

src/main/java/roomescape/member/Member.java

@@ -1,10 +1,23 @@
 package roomescape.member;
 
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+
+@Entity
 public class Member {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;
+
     private String name;
+
     private String email;
+
     private String password;
+
     private String role;
 
     public Member(Long id, String name, String email, String role) {
@@ -21,6 +34,10 @@ public Member(String name, String email, String password, String role) {
         this.role = role;
     }
 
+    public Member() {
+
+    }
+
     public Long getId() {
         return id;
     }