[Spring MVC (인증)] 이준민 미션 제출합니다.

src/main/java/roomescape/AdminInterceptor.java

@@ -0,0 +1,55 @@
+package roomescape;
+
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import roomescape.member.MemberService;
+
+@Component
+public class AdminInterceptor implements HandlerInterceptor {
+    private final String SECRET_KEY = "Yn2kjibddFAWtnPJ2AFlL8WXmohJMCvigQggaEypa5E=";
+    private final MemberService memberService;
+
+    public AdminInterceptor(MemberService memberService) {
+        this.memberService = memberService;
+    }
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        String token = extractTokenFromCookie(request.getCookies());
+        if (token.isEmpty()) {
+            response.setStatus(401); // Unauthorized
+            return false;
+        }
+
+        // JWT 토큰에서 사용자 정보 추출
+        String role = Jwts.parserBuilder()
+                .setSigningKey(Keys.hmacShaKeyFor(SECRET_KEY.getBytes()))
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .get("role", String.class);
+
+        if (role == null || !role.equals("ADMIN")) {
+            response.setStatus(401); // Unauthorized
+            return false;
+        }
+
+        return true; // ADMIN 권한이 있는 경우만 true 반환
+    }
+
+    private String extractTokenFromCookie(Cookie[] cookies) {
+        if (cookies != null) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().equals("token")) {
+                    return cookie.getValue();
+                }
+            }
+        }
+        return "";
+    }
+}

src/main/java/roomescape/WebConfig.java

@@ -0,0 +1,31 @@
+package roomescape;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import roomescape.member.LoginMemberArgumentResolver;
+
+import java.util.List;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+    private final LoginMemberArgumentResolver loginMemberArgumentResolver;
+    private final AdminInterceptor adminInterceptor;
+
+    public WebConfig(AdminInterceptor adminInterceptor, LoginMemberArgumentResolver loginMemberArgumentResolver) {
+        this.loginMemberArgumentResolver = loginMemberArgumentResolver;
+        this.adminInterceptor = adminInterceptor;
+    }
+
+    @Override
+    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
+        resolvers.add(loginMemberArgumentResolver);
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(adminInterceptor)
+                .addPathPatterns("/admin"); // /admin 경로에만 적용
+    }
+}

src/main/java/roomescape/member/LoginMember.java

@@ -0,0 +1,31 @@
+package roomescape.member;
+
+public class LoginMember {
+    private Long id;
+    private String name;
+    private String email;
+    private String role;
+
+    public LoginMember(Long id, String name, String email, String role) {
+        this.id = id;
+        this.name = name;
+        this.email = email;
+        this.role = role;
+    }
+
+    public Long getId() {
+        return id;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public String getRole() {
+        return role;
+    }
+}

src/main/java/roomescape/member/LoginMemberArgumentResolver.java

@@ -0,0 +1,58 @@
+package roomescape.member;
+
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.core.MethodParameter;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+
+@Component
+public class LoginMemberArgumentResolver implements HandlerMethodArgumentResolver {
+    private final String secretKey = "Yn2kjibddFAWtnPJ2AFlL8WXmohJMCvigQggaEypa5E=";
+    private final MemberService memberService;
+
+    public LoginMemberArgumentResolver(MemberService memberService) {
+        this.memberService = memberService;
+    }
+
+    @Override
+    public boolean supportsParameter(MethodParameter parameter) {
+        return parameter.getParameterType().equals(LoginMember.class);
+    }
+
+    @Override
+    public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
+        HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
+        String token = extractTokenFromCookie(request.getCookies());
+        if (token.isEmpty()) {
+            return null; // 로그인되지 않은 사용자
+        }
+
+        // JWT에서 사용자 정보 추출
+        Long memberId = Long.valueOf(Jwts.parserBuilder()
+                .setSigningKey(Keys.hmacShaKeyFor(secretKey.getBytes()))
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .getSubject());
+
+        Member member = memberService.findById(memberId);
+        return new LoginMember(member.getId(), member.getName(), member.getEmail(), member.getRole());
+    }
+
+    private String extractTokenFromCookie(Cookie[] cookies) {
+        if (cookies != null) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().equals("token")) {
+                    return cookie.getValue();
+                }
+            }
+        }
+        return "";
+    }
+}

src/main/java/roomescape/member/MemberController.java

@@ -1,5 +1,7 @@
 package roomescape.member;
 
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
 import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
@@ -14,6 +16,7 @@
 @RestController
 public class MemberController {
     private MemberService memberService;
+    private final String secretKey = "Yn2kjibddFAWtnPJ2AFlL8WXmohJMCvigQggaEypa5E=";
 
     public MemberController(MemberService memberService) {
         this.memberService = memberService;
@@ -34,4 +37,60 @@ public ResponseEntity logout(HttpServletResponse response) {
         response.addCookie(cookie);
         return ResponseEntity.ok().build();
     }
+
+    @PostMapping("/login")
+    public ResponseEntity<Void> login(@RequestBody MemberRequest memberRequest, HttpServletResponse response) {
+        try {
+            Member member = memberService.findByEmailAndPassword(memberRequest.getEmail(), memberRequest.getPassword());
+
+            // JWT 토큰 생성
+            String token = Jwts.builder()
+                    .setSubject(member.getId().toString())
+                    .claim("name", member.getName())
+                    .claim("role", member.getRole())
+                    .signWith(Keys.hmacShaKeyFor(secretKey.getBytes()))
+                    .compact();
+
+            // 쿠키 생성
+            Cookie cookie = new Cookie("token", token);
+            cookie.setHttpOnly(true);
+            cookie.setPath("/");
+            response.addCookie(cookie);
+
+            return ResponseEntity.ok().build();
+        } catch (Exception e) {
+            return ResponseEntity.status(401).build(); // Unauthorized
+        }
+    }
+
+    @GetMapping("/login/check")
+    public ResponseEntity<MemberResponse> checkLogin(HttpServletRequest request) {
+        String token = extractTokenFromCookie(request.getCookies());
+        if (token.isEmpty()) {
+            return ResponseEntity.status(401).build(); // Unauthorized
+        }
+
+        // JWT 토큰에서 사용자 정보 추출
+        Long memberId = Long.valueOf(Jwts.parserBuilder()
+                .setSigningKey(Keys.hmacShaKeyFor(secretKey.getBytes()))
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .getSubject());
+
+        // ID로 사용자 조회
+        Member member = memberService.findById(memberId);
+        return ResponseEntity.ok(new MemberResponse(member.getId(), member.getName(), member.getEmail()));
+    }
+
+    private String extractTokenFromCookie(Cookie[] cookies) {
+        if (cookies != null) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().equals("token")) {
+                    return cookie.getValue();
+                }
+            }
+        }
+        return "";
+    }
 }

src/main/java/roomescape/member/MemberDao.java

@@ -52,4 +52,17 @@ public Member findByName(String name) {
                 name
         );
     }
+
+    public Member findById(Long id) {
+        return jdbcTemplate.queryForObject(
+                "SELECT id, name, email, role FROM member WHERE id = ?",
+                (rs, rowNum) -> new Member(
+                        rs.getLong("id"),
+                        rs.getString("name"),
+                        rs.getString("email"),
+                        rs.getString("role")
+                ),
+                id
+        );
+    }
 }

src/main/java/roomescape/member/MemberService.java

@@ -14,4 +14,12 @@ public MemberResponse createMember(MemberRequest memberRequest) {
         Member member = memberDao.save(new Member(memberRequest.getName(), memberRequest.getEmail(), memberRequest.getPassword(), "USER"));
         return new MemberResponse(member.getId(), member.getName(), member.getEmail());
     }
+
+    public Member findByEmailAndPassword(String email, String password) {
+        return memberDao.findByEmailAndPassword(email, password);
+    }
+
+    public Member findById(Long id) {
+        return memberDao.findById(id);
+    }
 }

src/main/java/roomescape/reservation/ReservationController.java

@@ -7,6 +7,7 @@
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
+import roomescape.member.LoginMember;
 
 import java.net.URI;
 import java.util.List;
@@ -26,15 +27,12 @@ public List<ReservationResponse> list() {
     }
 
     @PostMapping("/reservations")
-    public ResponseEntity create(@RequestBody ReservationRequest reservationRequest) {
-        if (reservationRequest.getName() == null
-                || reservationRequest.getDate() == null
-                || reservationRequest.getTheme() == null
-                || reservationRequest.getTime() == null) {
-            return ResponseEntity.badRequest().build();
+    public ResponseEntity create(@RequestBody ReservationRequest reservationRequest, LoginMember member) {
+        if (reservationRequest.getName() == null) {
+            reservationRequest.setName(member.getName());
         }
-        ReservationResponse reservation = reservationService.save(reservationRequest);
 
+        ReservationResponse reservation = reservationService.save(reservationRequest);
         return ResponseEntity.created(URI.create("/reservations/" + reservation.getId())).body(reservation);
     }
 

src/main/java/roomescape/reservation/ReservationRequest.java

@@ -10,6 +10,8 @@ public String getName() {
         return name;
     }
 
+    public void setName(String name) { this.name = name; }
+
     public String getDate() {
         return date;
     }