feat: 자동 로그인 기능 추가 및 리졸버에서 파싱하도록 구현

nuyh99 · nuyh99 · commit 75a88db8c146 · 2024-01-03T17:35:39.000+09:00
diff --git a/src/main/java/com/example/busan/auth/AuthController.java b/src/main/java/com/example/busan/auth/AuthController.java
@@ -1,11 +1,13 @@
 package com.example.busan.auth;
 
+import com.example.busan.auth.domain.AutoLoginManager;
 import com.example.busan.auth.dto.AuthenticatePhoneRequest;
 import com.example.busan.auth.dto.Authentication;
 import com.example.busan.auth.dto.FindEmailResponse;
 import com.example.busan.auth.dto.LoginRequest;
 import com.example.busan.auth.service.AuthService;
 import com.example.busan.auth.service.PhoneAuthenticator;
+import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -23,15 +25,26 @@ public class AuthController {
 
     private final AuthService authService;
     private final PhoneAuthenticator phoneAuthenticator;
+    private final AutoLoginManager autoLoginManager;
 
-    public AuthController(final AuthService authService, final PhoneAuthenticator phoneAuthenticator) {
+    public AuthController(final AuthService authService,
+                          final PhoneAuthenticator phoneAuthenticator,
+                          AutoLoginManager autoLoginManager) {
         this.authService = authService;
         this.phoneAuthenticator = phoneAuthenticator;
+        this.autoLoginManager = autoLoginManager;
     }
 
     @PostMapping("/login")
-    public ResponseEntity<Void> login(@RequestBody final LoginRequest request, final HttpSession session) {
+    public ResponseEntity<Void> login(@RequestBody final LoginRequest request,
+                                      final HttpServletResponse httpServletResponse,
+                                      final HttpSession session) {
         final Authentication authentication = authService.login(request);
+
+        if (request.isAuto()) {
+            autoLoginManager.setAutoCookie(session, httpServletResponse, authentication);
+        }
+
         session.setAttribute(AUTHORIZATION, authentication);
         return ResponseEntity.noContent().build();
     }
diff --git a/src/main/java/com/example/busan/auth/AuthorizationArgumentResolver.java b/src/main/java/com/example/busan/auth/AuthorizationArgumentResolver.java
@@ -1,8 +1,9 @@
 package com.example.busan.auth;
 
 import com.example.busan.auth.domain.Authorized;
+import com.example.busan.auth.domain.AutoLoginManager;
 import com.example.busan.auth.dto.Authentication;
-import com.example.busan.auth.exception.UnauthorizedException;
+import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.core.MethodParameter;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.support.WebDataBinderFactory;
@@ -11,12 +12,17 @@
 import org.springframework.web.method.support.ModelAndViewContainer;
 
 import static com.example.busan.auth.AuthController.AUTHORIZATION;
-import static java.util.Objects.isNull;
 import static org.springframework.web.context.request.RequestAttributes.SCOPE_SESSION;
 
 @Component
 public class AuthorizationArgumentResolver implements HandlerMethodArgumentResolver {
 
+    private final AutoLoginManager autoLoginManager;
+
+    public AuthorizationArgumentResolver(AutoLoginManager autoLoginManager) {
+        this.autoLoginManager = autoLoginManager;
+    }
+
     @Override
     public boolean supportsParameter(final MethodParameter parameter) {
         final boolean hasAnnotation = parameter.hasParameterAnnotation(Authorized.class);
@@ -29,12 +35,13 @@ public boolean supportsParameter(final MethodParameter parameter) {
     public Object resolveArgument(final MethodParameter parameter,
                                   final ModelAndViewContainer mavContainer,
                                   final NativeWebRequest webRequest,
-                                  final WebDataBinderFactory binderFactory) throws Exception {
-        final Object authentication = webRequest.getAttribute(AUTHORIZATION, SCOPE_SESSION);
-        if (isNull(authentication)) {
-            throw new UnauthorizedException();
+                                  final WebDataBinderFactory binderFactory) {
+        Object authentication = webRequest.getAttribute(AUTHORIZATION, SCOPE_SESSION);
+        if (authentication != null) {
+            return authentication;
         }
 
-        return authentication;
+        final HttpServletRequest request = webRequest.getNativeRequest(HttpServletRequest.class);
+        return autoLoginManager.getAuthentication(request);
     }
 }
diff --git a/src/main/java/com/example/busan/auth/domain/AutoLogin.java b/src/main/java/com/example/busan/auth/domain/AutoLogin.java
@@ -0,0 +1,31 @@
+package com.example.busan.auth.domain;
+
+import com.example.busan.auth.dto.Authentication;
+import jakarta.persistence.Embedded;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+
+@Entity
+public class AutoLogin {
+
+    @Id
+    private String id;
+    @Embedded
+    private Authentication authentication;
+
+    protected AutoLogin() {
+    }
+
+    public AutoLogin(final String id, final Authentication authentication) {
+        this.id = id;
+        this.authentication = authentication;
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public Authentication getAuthentication() {
+        return authentication;
+    }
+}
diff --git a/src/main/java/com/example/busan/auth/domain/AutoLoginManager.java b/src/main/java/com/example/busan/auth/domain/AutoLoginManager.java
@@ -1,6 +1,11 @@
 package com.example.busan.auth.domain;
 
+import com.example.busan.auth.dto.Authentication;
+import com.example.busan.auth.exception.UnauthorizedException;
+import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
 import org.springframework.stereotype.Component;
 
 import java.util.Arrays;
@@ -10,12 +15,56 @@ public class AutoLoginManager {
 
     public static final String AUTO_LOGIN_COOKIE_NAME = "AUTO";
 
+    private final AutoLoginRepository autoLoginRepository;
+
+    public AutoLoginManager(AutoLoginRepository autoLoginRepository) {
+        this.autoLoginRepository = autoLoginRepository;
+    }
+
     public boolean isAuto(final HttpServletRequest request) {
         if (request == null) {
             return false;
         }
 
         return Arrays.stream(request.getCookies())
-                .anyMatch(cookie -> cookie.getName().equals("AUTO"));
+                .anyMatch(cookie -> cookie.getName().equals(AUTO_LOGIN_COOKIE_NAME));
+    }
+
+    public void setAutoCookie(final HttpSession httpSession,
+                              final HttpServletResponse response,
+                              final Authentication authentication) {
+        final String id = httpSession.getId();
+
+        autoLoginRepository.save(new AutoLogin(id, authentication));
+
+        final Cookie cookie = new Cookie(AUTO_LOGIN_COOKIE_NAME, id);
+        cookie.setPath("/");
+        cookie.setMaxAge(Integer.MAX_VALUE);
+        response.addCookie(cookie);
+    }
+
+    public Authentication getAuthentication(final HttpServletRequest request) {
+        final Cookie autoLoggedInCookie = getAutoLoggedInCookie(request);
+
+        final String id = autoLoggedInCookie.getValue();
+        return autoLoginRepository.findById(id)
+                .orElseThrow(UnauthorizedException::new)
+                .getAuthentication();
+    }
+
+    private Cookie getAutoLoggedInCookie(final HttpServletRequest request) {
+        return Arrays.stream(request.getCookies())
+                .filter(cookie -> cookie.getName().equals(AUTO_LOGIN_COOKIE_NAME))
+                .findAny()
+                .orElseThrow(UnauthorizedException::new);
+    }
+
+    public void removeAutoLogin(final HttpServletRequest request,
+                                final HttpServletResponse response) {
+        final Cookie autoLoggedInCookie = getAutoLoggedInCookie(request);
+        autoLoggedInCookie.setMaxAge(0);
+        response.addCookie(autoLoggedInCookie);
+
+        autoLoginRepository.deleteById(autoLoggedInCookie.getValue());
     }
 }
diff --git a/src/main/java/com/example/busan/auth/domain/AutoLoginRepository.java b/src/main/java/com/example/busan/auth/domain/AutoLoginRepository.java
@@ -0,0 +1,6 @@
+package com.example.busan.auth.domain;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface AutoLoginRepository extends JpaRepository<AutoLogin, String> {
+}
diff --git a/src/main/java/com/example/busan/auth/dto/Authentication.java b/src/main/java/com/example/busan/auth/dto/Authentication.java
@@ -2,8 +2,12 @@
 
 import com.example.busan.member.domain.Member;
 import com.example.busan.member.domain.Role;
+import jakarta.persistence.Embeddable;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
 
-public record Authentication(String email, Role role) {
+@Embeddable
+public record Authentication(String email, @Enumerated(value = EnumType.STRING) Role role) {
 
     public static Authentication from(final Member member) {
         return new Authentication(member.getEmail(), member.getRole());
diff --git a/src/main/java/com/example/busan/auth/dto/LoginRequest.java b/src/main/java/com/example/busan/auth/dto/LoginRequest.java
@@ -1,4 +1,4 @@
 package com.example.busan.auth.dto;
 
-public record LoginRequest(String email, String password) {
+public record LoginRequest(String email, String password, boolean isAuto) {
 }
diff --git a/src/main/resources/db/migration/V5__add_auto_login_table.sql b/src/main/resources/db/migration/V5__add_auto_login_table.sql
@@ -0,0 +1,6 @@
+CREATE TABLE auto_login
+(
+    id    VARCHAR(40) PRIMARY KEY,
+    email VARCHAR(255)          NOT NULL,
+    role  ENUM ('ADMIN','USER') NOT NULL
+);
diff --git a/src/test/java/com/example/busan/DatabaseCleaner.java b/src/test/java/com/example/busan/DatabaseCleaner.java
@@ -3,27 +3,29 @@
 import jakarta.persistence.EntityManager;
 import jakarta.persistence.PersistenceContext;
 import jakarta.persistence.Query;
-import jakarta.persistence.metamodel.EntityType;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.util.List;
-import java.util.Set;
 
 @Component
 public class DatabaseCleaner implements InitializingBean {
 
+    private static final String TRUNCATE = "TRUNCATE ";
+    private static final String FLYWAY = "flyway";
+
     @PersistenceContext
     private EntityManager entityManager;
     private List<String> truncateDMLs;
 
     @Override
     public void afterPropertiesSet() {
-        final Set<EntityType<?>> entities = entityManager.getMetamodel().getEntities();
+        final List<String> tableNames = entityManager.createNativeQuery("SHOW TABLES ").getResultList();
 
-        truncateDMLs = entities.stream()
-                .map(entity -> "TRUNCATE " + entity.getName().toLowerCase())
+        truncateDMLs = tableNames.stream()
+                .filter(tableName -> !tableName.contains(FLYWAY))
+                .map(TRUNCATE::concat)
                 .toList();
     }
 
diff --git a/src/test/java/com/example/busan/auth/AuthControllerTest.java b/src/test/java/com/example/busan/auth/AuthControllerTest.java
@@ -48,7 +48,7 @@ void login() throws Exception {
         final Authentication authentication = new Authentication("email@naver.com", Role.USER);
         given(authService.login(any()))
                 .willReturn(authentication);
-        final String request = objectMapper.writeValueAsString(new LoginRequest("email@naver.com", "password"));
+        final String request = objectMapper.writeValueAsString(new LoginRequest("email@naver.com", "password", true));
 
         //when
         final MockHttpServletResponse response = mockMvc.perform(
@@ -60,7 +60,8 @@ void login() throws Exception {
                 .andDo(document("로그인 하기",
                         requestFields(
                                 fieldWithPath("email").description("이메일"),
-                                fieldWithPath("password").description("비밀번호"))))
+                                fieldWithPath("password").description("비밀번호"),
+                                fieldWithPath("isAuto").description("자동 로그인 여부"))))
                 .andReturn()
                 .getResponse();
 
diff --git a/src/test/java/com/example/busan/auth/AuthenticationServiceTest.java b/src/test/java/com/example/busan/auth/AuthenticationServiceTest.java
@@ -42,7 +42,7 @@ void initDatabase() {
     void login() {
         //given
         final Member member = createMember();
-        final LoginRequest request = new LoginRequest(member.getEmail(), "@password1234");
+        final LoginRequest request = new LoginRequest(member.getEmail(), "@password1234", false);
 
         //when
         final Authentication login = authService.login(request);
@@ -55,7 +55,7 @@ void login() {
     @DisplayName("로그인 실패")
     void login_fail() {
         //given
-        final LoginRequest request = new LoginRequest("ididididid", "@password1234");
+        final LoginRequest request = new LoginRequest("ididididid", "@password1234", false);
 
         //when, then
         assertThatThrownBy(() -> authService.login(request))
diff --git a/src/test/java/com/example/busan/auth/AuthorizationArgumentResolverTest.java b/src/test/java/com/example/busan/auth/AuthorizationArgumentResolverTest.java
diff --git a/src/test/java/com/example/busan/auth/domain/AutoLoginManagerTest.java b/src/test/java/com/example/busan/auth/domain/AutoLoginManagerTest.java

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`	`1`	`package com.example.busan.auth.dto;`
`2`	`2`
`3`		`-public record LoginRequest(String email, String password) {`
	`3`	`+public record LoginRequest(String email, String password, boolean isAuto) {`
`4`	`4`	`}`