From 81db7d403c6a13db486eed0dcbf5591b9a10022e Mon Sep 17 00:00:00 2001 From: ch8930 Date: Sat, 17 Aug 2024 10:39:14 +0900 Subject: [PATCH] =?UTF-8?q?fix:=20TT-346=20=EC=B6=94=EA=B0=80=EC=A0=95?= =?UTF-8?q?=EB=B3=B4=20=EC=9E=85=EB=A0=A5=EC=97=90=20=EB=8C=80=ED=95=9C=20?= =?UTF-8?q?=EC=98=88=EC=99=B8=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - userDetail에서 추가정보 입력 uri로 요청시 PENDING에 대한 조건 처리를 안하도록 처리해줌 --- .../twentythree/peech/common/utils/JWTUtils.java | 1 - .../peech/security/config/SecurityConfig.java | 1 - .../peech/security/jwt/JWTUserDetailsService.java | 14 ++++++++++++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/src/main/java/com/twentythree/peech/common/utils/JWTUtils.java b/src/main/java/com/twentythree/peech/common/utils/JWTUtils.java index 8c342f66..6c51ff06 100644 --- a/src/main/java/com/twentythree/peech/common/utils/JWTUtils.java +++ b/src/main/java/com/twentythree/peech/common/utils/JWTUtils.java @@ -132,7 +132,6 @@ public String resolveToken(HttpServletRequest request) { public Claims validateAccessToken(String token) throws JWTAuthenticationException { try { Jws claimsJws = parseAccessToken(token); - System.out.println(claimsJws); return claimsJws.getPayload(); } catch (SignatureException e) { log.error("JWT Token Signature is invalid", e); diff --git a/src/main/java/com/twentythree/peech/security/config/SecurityConfig.java b/src/main/java/com/twentythree/peech/security/config/SecurityConfig.java index 3abd36e9..0c91895a 100644 --- a/src/main/java/com/twentythree/peech/security/config/SecurityConfig.java +++ b/src/main/java/com/twentythree/peech/security/config/SecurityConfig.java @@ -48,7 +48,6 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti authorize.requestMatchers(swagger).permitAll() .requestMatchers(defaultPermitAll).permitAll() .requestMatchers(HttpMethod.POST,"/api/v1.1/user").permitAll() - .requestMatchers(HttpMethod.PATCH,"/api/v1.1/user").permitAll() .anyRequest().authenticated()) .exceptionHandling(e -> e. authenticationEntryPoint(jwtAuthEntryPoint) diff --git a/src/main/java/com/twentythree/peech/security/jwt/JWTUserDetailsService.java b/src/main/java/com/twentythree/peech/security/jwt/JWTUserDetailsService.java index f9cf0eff..2d3098b7 100644 --- a/src/main/java/com/twentythree/peech/security/jwt/JWTUserDetailsService.java +++ b/src/main/java/com/twentythree/peech/security/jwt/JWTUserDetailsService.java @@ -6,11 +6,14 @@ import com.twentythree.peech.user.entity.UserEntity; import com.twentythree.peech.user.repository.UserRepository; import com.twentythree.peech.user.value.SignUpFinished; +import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; @Component @@ -26,8 +29,15 @@ public JWTUserDetails loadUserByUsername(String username) throws UsernameNotFoun UserEntity userEntity = userRepository.findById(userId) .orElseThrow(() -> new UsernameNotFoundException("유저를 찾을 수 없습니다. userId: " + userId)); - // User가 Pending이면 에러 발생 - if (userEntity.getSignUpFinished() == SignUpFinished.PENDING) { + + HttpServletRequest request = ((ServletRequestAttributes)RequestContextHolder.getRequestAttributes()).getRequest(); + // http 메서드와 uri 뽑아오기 + String httpMethod = request.getMethod(); + String uri = request.getRequestURI(); + + // User가 Pending이면 에러 발생 단, 요청 request가 PATCH /api/v1/users/{userId} 일 경우에는 에러 발생하지 않음 + if (userEntity.getSignUpFinished() == SignUpFinished.PENDING + && !httpMethod.equals("PATCH") && !uri.contains("/api/v1/users/" + userId)) { throw new JWTAuthenticationException(LoginExceptionCode.SIGNUP_FINISHED_NOT_YET); } return JWTUserDetails.create(userEntity);