[feat] 사용자 로그인 api & 토큰 재발급 api & JWT 인증인가 세팅

api/src/main/java/dev/hooon/auth/AuthApiController.java

@@ -0,0 +1,42 @@
+package dev.hooon.auth;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import dev.hooon.auth.application.AuthService;
+import dev.hooon.auth.dto.request.AuthRequest;
+
+import dev.hooon.auth.dto.response.AuthResponse;
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@RequestMapping("/api/auth")
+@RestController
+@RequiredArgsConstructor
+public class AuthApiController {
+
+	private final AuthService authService;
+
+	@NoAuth
+	@PostMapping("/login")
+	public ResponseEntity<AuthResponse> login(
+		@Valid @RequestBody AuthRequest authRequest
+	) {
+		AuthResponse authResponse = authService.login(authRequest);
+		return ResponseEntity.ok(authResponse);
+	}
+
+	@NoAuth
+	@PostMapping("/token")
+	public ResponseEntity<String> reIssueAccessToken(
+		@RequestBody TokenForReIssue tokenForReIssue
+	) {
+		String accessToken = authService.createAccessTokenByRefreshToken(tokenForReIssue.refreshToken());
+		return ResponseEntity.ok(accessToken);
+	}
+}

api/src/main/java/dev/hooon/auth/JwtAuthorization.java

@@ -0,0 +1,15 @@
+package dev.hooon.auth;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target({ ElementType.PARAMETER, ElementType.ANNOTATION_TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface JwtAuthorization {
+
+	// boolean required() default true;
+}

api/src/main/java/dev/hooon/auth/JwtAuthorizationArgumentResolver.java

@@ -0,0 +1,52 @@
+package dev.hooon.auth;
+
+import static dev.hooon.auth.exception.AuthErrorCode.*;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.MethodParameter;
+import org.springframework.lang.NonNull;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+
+import dev.hooon.auth.application.JwtProvider;
+import dev.hooon.common.exception.NotFoundException;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@Component
+@RequiredArgsConstructor
+public class JwtAuthorizationArgumentResolver implements HandlerMethodArgumentResolver {
+
+	private final JwtProvider jwtProvider;
+
+	@Value(value = "${jwt.header}")
+	private String jwtHeader;
+
+	@Override
+	public boolean supportsParameter(MethodParameter parameter) {
+		return parameter.hasParameterAnnotation(JwtAuthorization.class);
+	}
+
+	@Override
+	public Object resolveArgument(
+		@NonNull MethodParameter parameter,
+		ModelAndViewContainer mavContainer,
+		NativeWebRequest webRequest,
+		WebDataBinderFactory binderFactory
+	) {
+		HttpServletRequest httpServletRequest = webRequest.getNativeRequest(HttpServletRequest.class);
+
+		if (httpServletRequest != null) {
+			String accessToken = httpServletRequest.getHeader(jwtHeader);
+			return jwtProvider.getClaim(accessToken);
+		}
+
+		throw new NotFoundException(NOT_FOUND_REQUEST);
+	}
+
+}

api/src/main/java/dev/hooon/auth/JwtInterceptor.java

@@ -0,0 +1,56 @@
+package dev.hooon.auth;
+
+import static dev.hooon.auth.exception.AuthErrorCode.*;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.lang.NonNull;
+import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import dev.hooon.auth.application.JwtProvider;
+import dev.hooon.auth.exception.AuthException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@Component
+@RequiredArgsConstructor
+public class JwtInterceptor implements HandlerInterceptor {
+
+	private final JwtProvider jwtProvider;
+
+	@Value(value = "${jwt.header}")
+	private String jwtHeader;
+
+	private boolean isAnnotationPresent(Object handler) {
+		HandlerMethod handlerMethod = (HandlerMethod)handler;
+		return handlerMethod.getMethodAnnotation(NoAuth.class) != null;
+	}
+
+	@Override
+	public boolean preHandle(
+		@NonNull HttpServletRequest request,
+		@NonNull HttpServletResponse response,
+		@NonNull Object handler
+	) {
+		if (isAnnotationPresent(handler)) {
+			return true;
+		}
+
+		String accessToken = request.getHeader(jwtHeader);
+		if (accessToken == null) {
+			throw new AuthException(NOT_INCLUDE_ACCESS_TOKEN);
+		}
+
+		try {
+			jwtProvider.validateToken(accessToken);
+		} catch (AuthException e) {
+			return false;
+		}
+
+		return true;
+	}
+}

api/src/main/java/dev/hooon/auth/NoAuth.java

@@ -0,0 +1,11 @@
+package dev.hooon.auth;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ElementType.TYPE, ElementType.METHOD})
+public @interface NoAuth {
+}

api/src/main/java/dev/hooon/auth/TokenForReIssue.java

@@ -0,0 +1,7 @@
+package dev.hooon.auth;
+
+
+public record TokenForReIssue(
+	String refreshToken
+) {
+}

api/src/main/java/dev/hooon/bookingcancel/BookingCancelApiController.java

@@ -6,6 +6,7 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.booking.application.BookingService;
 import dev.hooon.booking.dto.response.BookingCancelResponse;
 import lombok.RequiredArgsConstructor;
@@ -16,6 +17,7 @@ public class BookingCancelApiController {
 
 	private final BookingService bookingService;
 
+	@NoAuth
 	@PostMapping("/api/bookings/cancel/{booking_id}")
 	public ResponseEntity<BookingCancelResponse> cancelBooking(
 		@RequestParam(name = "userId") Long userId, // TODO

api/src/main/java/dev/hooon/common/exception/config/WebConfig.java

@@ -0,0 +1,31 @@
+package dev.hooon.common.exception.config;
+
+import java.util.List;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import dev.hooon.auth.JwtAuthorizationArgumentResolver;
+import dev.hooon.auth.JwtInterceptor;
+import lombok.RequiredArgsConstructor;
+
+@Configuration
+@RequiredArgsConstructor
+public class WebConfig implements WebMvcConfigurer {
+
+	private final JwtAuthorizationArgumentResolver jwtAuthorizationArgumentResolver;
+	private final JwtInterceptor jwtInterceptor;
+
+	@Override
+	public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
+		argumentResolvers.add(jwtAuthorizationArgumentResolver);
+	}
+
+	@Override
+	public void addInterceptors(InterceptorRegistry registry) {
+		registry.addInterceptor(jwtInterceptor)
+			.addPathPatterns("/api/**");
+	}
+}

api/src/main/java/dev/hooon/show/RankingApiController.java

@@ -5,6 +5,7 @@
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.show.application.facade.RankingCacheFacade;
 import dev.hooon.show.dto.request.RankingRequest;
 import dev.hooon.show.dto.response.RankingResponse;
@@ -17,6 +18,7 @@ public class RankingApiController {
 
 	private final RankingCacheFacade rankingCacheFacade;
 
+	@NoAuth
 	@GetMapping("/api/shows/ranking")
 	public ResponseEntity<RankingResponse> getShowRanking(@Valid @ModelAttribute RankingRequest request) {
 		RankingResponse rankingResponse = rankingCacheFacade.getShowRankingWithCache(request);

api/src/main/java/dev/hooon/show/ShowApiController.java

@@ -5,6 +5,7 @@
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.show.application.ShowService;
 import dev.hooon.show.dto.response.AbleBookingDateRoundResponse;
 import lombok.RequiredArgsConstructor;
@@ -15,6 +16,7 @@ public class ShowApiController {
 
 	private final ShowService showService;
 
+	@NoAuth
 	@GetMapping("/api/shows/{show_id}/available")
 	public ResponseEntity<AbleBookingDateRoundResponse> getAbleBookingDateRoundInfo(
 		@PathVariable("show_id") Long showId

api/src/main/java/dev/hooon/show/ShowDetailApiController.java

@@ -5,6 +5,7 @@
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.show.application.ShowService;
 import dev.hooon.show.dto.response.ShowDetailsInfoResponse;
 import lombok.RequiredArgsConstructor;
@@ -15,6 +16,7 @@ public class ShowDetailApiController {
 
 	private final ShowService showService;
 
+	@NoAuth
 	@GetMapping("/api/shows/{show_id}")
 	public ResponseEntity<ShowDetailsInfoResponse> getShowDetailInfo(
 		@PathVariable("show_id") Long showId

api/src/main/java/dev/hooon/show/ShowSeatsApiController.java

@@ -9,6 +9,7 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.show.application.ShowSeatsService;
 import dev.hooon.show.dto.response.seats.ShowSeatsResponse;
 import lombok.RequiredArgsConstructor;
@@ -19,6 +20,7 @@ public class ShowSeatsApiController {
 
 	private final ShowSeatsService showSeatsService;
 
+	@NoAuth
 	@GetMapping("/api/shows/{showId}/seats")
 	public ResponseEntity<ShowSeatsResponse> getShowSeatsInfo(
 		@PathVariable("showId") Long showId,

api/src/main/java/dev/hooon/ticketbooking/TicketBookingApiController.java

@@ -6,6 +6,7 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.booking.application.fascade.TicketBookingFacade;
 import dev.hooon.booking.dto.request.TicketBookingRequest;
 import dev.hooon.booking.dto.response.TicketBookingResponse;
@@ -18,6 +19,7 @@ public class TicketBookingApiController {
 
 	private final TicketBookingFacade ticketBookingFacade;
 
+	@NoAuth
 	@PostMapping("/api/bookings")
 	public ResponseEntity<TicketBookingResponse> bookingTicket(
 		@RequestParam(name = "userId") Long userId, // TODO

api/src/main/java/dev/hooon/user/UserApiController.java

@@ -5,6 +5,7 @@
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.user.application.UserService;
 import dev.hooon.user.dto.request.UserJoinRequest;
 import dev.hooon.user.dto.response.UserJoinResponse;
@@ -17,6 +18,7 @@ public class UserApiController {
 
 	private final UserService userService;
 
+	@NoAuth
 	@PostMapping("/api/users")
 	public ResponseEntity<UserJoinResponse> join(
 		final @Valid @RequestBody UserJoinRequest userJoinRequest

api/src/main/java/dev/hooon/waitingbooking/WaitingBookingApiController.java

@@ -6,6 +6,7 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import dev.hooon.auth.NoAuth;
 import dev.hooon.waitingbooking.application.facade.WaitingBookingFacade;
 import dev.hooon.waitingbooking.dto.request.WaitingRegisterRequest;
 import dev.hooon.waitingbooking.dto.response.WaitingRegisterResponse;
@@ -18,6 +19,7 @@ public class WaitingBookingApiController {
 
 	private final WaitingBookingFacade waitingBookingFacade;
 
+	@NoAuth
 	@PostMapping("/api/waiting_bookings")
 	public ResponseEntity<WaitingRegisterResponse> registerWaitingBooking(
 		@RequestParam(name = "userId") Long userId, // TODO 추후에 인증정보 ArgumentResolver 가 구현되면 수정 예정

api/src/test/java/dev/hooon/waitingbooking/WaitingBookingApiControllerTest.java

@@ -63,4 +63,4 @@ void registerWaitingBookingTest() throws Exception {
 			jsonPath("$.waitingBookingId").value(allWaitingBookings.get(0).getId())
 		);
 	}
-}
+}

api/src/test/resources/application.yml

@@ -10,4 +10,9 @@ spring:
 
 logging:
   level:
-    org.hibernate.sql: info
+    org.hibernate.sql: info
+
+jwt:
+  header: Authorization
+  secret: fdflsjhflkwejfblkjhvuixochvuhsofiuesafbidsfab223411
+  token-validity-in-seconds: 2400

core/build.gradle

@@ -11,6 +11,10 @@ dependencies {
     testFixturesImplementation 'org.springframework:spring-tx:6.1.1'
     // 패스워드 암호화
     implementation group: 'org.mindrot', name: 'jbcrypt', version: '0.3m'
+    // JWT
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
     // 레디스 LocalDateTime 역직렬화
     implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310'
     implementation 'com.fasterxml.jackson.core:jackson-databind'