From cad4e6d5e010547509675bd09b0d67c7f73d1bb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EA=B0=95=EC=84=9D=20=EC=B5=9C?= Date: Wed, 24 Jan 2024 17:13:50 +0900 Subject: [PATCH] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90=20=ED=8E=98?= =?UTF-8?q?=EC=9D=B4=EC=A7=80=20=EC=A0=91=EA=B7=BC=EC=8B=9C=20=EC=9D=B8?= =?UTF-8?q?=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20=EC=98=A4=EB=A5=98=20=EC=88=98?= =?UTF-8?q?=EC=A0=95.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/routes/index.jsx | 20 +++++++------ .../auth/EgovLoginApiController.java | 28 +++++++++++-------- .../config/jwt/EgovJwtTokenUtil.java | 7 ++++- 3 files changed, 34 insertions(+), 21 deletions(-) diff --git a/egovframe-template-simple-react-contribution/src/routes/index.jsx b/egovframe-template-simple-react-contribution/src/routes/index.jsx index d456614..1b55810 100644 --- a/egovframe-template-simple-react-contribution/src/routes/index.jsx +++ b/egovframe-template-simple-react-contribution/src/routes/index.jsx @@ -123,18 +123,22 @@ const RootRoutes = () => { console.group("jwtAuthentication"); console.log("[Start] jwtAuthentication ------------------------------"); - const jwtAuthURL = "/uat/esm/jwtAuthAPI.do"; + const jwtAuthURL = "/auth/token-check"; let requestOptions = { method: "POST", }; - EgovNet.requestFetch(jwtAuthURL, requestOptions, (resp) => { - if (resp === false) { - setMounted(false); - } else { - setMounted(true); // 이 값으로 true 일 때만 페이지를 렌더링이 되는 변수 사용. - } - }); + EgovNet.requestFetch( + jwtAuthURL, + requestOptions, + (resp) => { + if (resp === false) { + setMounted(false); + } else { + setMounted(true); // 이 값으로 true 일 때만 페이지를 렌더링이 되는 변수 사용. + } + } + ); console.log("------------------------------jwtAuthentication [End]"); console.groupEnd("jwtAuthentication"); 
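Review bot: The callback passed to the reformatted `EgovNet.requestFetch(...)` call mounts the routes for every response that is not strictly `false`, so an error object, `undefined` or a 401/403 body from `/auth/token-check` would presumably be treated as authenticated; how `requestFetch` reports failures is not visible in this hunk. Since the new endpoint returns a boolean, fail closed with `setMounted(resp === true);`. This flag only controls rendering, so the admin APIs behind these routes still need their own server-side authorization. `RootRoutes` begins and ends outside the hunk.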
diff --git a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java index a9b2c5d..cc76029 100644 --- a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java +++ b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java @@ -8,6 +8,9 @@ import com.dbnt.kcscbackend.config.common.ResponseCode; import com.dbnt.kcscbackend.config.common.ResultVO; import com.dbnt.kcscbackend.config.egov.EgovMessageSource; import com.dbnt.kcscbackend.config.jwt.EgovJwtTokenUtil; +import com.dbnt.kcscbackend.config.jwt.redis.RefreshToken; +import com.dbnt.kcscbackend.config.jwt.redis.RefreshTokenRepository; +import io.jsonwebtoken.Claims; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponses; @@ -60,15 +63,7 @@ public class EgovLoginApiController extends BaseController { private EgovLoginService loginService; private final EgovJwtTokenUtil egovJwtTokenUtil; - - /** EgovMessageSource */ - @Resource(name = "egovMessageSource") - EgovMessageSource egovMessageSource; - - /** JWT */ - @Autowired - private EgovJwtTokenUtil jwtTokenUtil; - + private final RefreshTokenRepository refreshTokenRepository; @Operation( summary = "회원가입", 
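Review bot: `import io.jsonwebtoken.Claims;` is not referenced by any line this commit adds to the controller, so it appears to be an unused import. The diffstat's 28 changed lines for this file are all accounted for in its three hunks, and `tokenCheck` only goes through the `EgovJwtTokenUtil` helpers. Drop the import and keep the two `redis` ones, which `tokenCheck` does need.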
@@ -177,8 +172,17 @@ public class EgovLoginApiController extends BaseController { return resultMap; } - @RequestMapping("/loginSuccess") - public HashMap loginSuccess(HttpServletRequest request, HttpServletResponse response){ - return new HashMap<>(); + @PostMapping("/token-check") + public boolean tokenCheck(HttpServletRequest request, HttpServletResponse response, @AuthenticationPrincipal UserInfo loginVO){ + String clientToken = request.getHeader("Authorization"); + RefreshToken refreshToken = refreshTokenRepository.findById(egovJwtTokenUtil.getUserSeqFromToken(clientToken)).orElse(null); + if (refreshToken != null){ + String serverToken = refreshToken.getRefreshToken(); + if(egovJwtTokenUtil.getUserSeFromToken(clientToken).equals(egovJwtTokenUtil.getUserSeFromToken(serverToken))){ + return true; + } + } + return false; } + } \ No newline at end of file diff --git a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java index c6b1dd2..e448128 100644 --- a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java +++ b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java @@ -58,6 +58,10 @@ public class EgovJwtTokenUtil implements Serializable{ //retrieve username from jwt token + public String getUserSeqFromToken(String token) { + Claims claims = getClaimFromToken(token); + return claims.get("userSeq").toString(); + } public String getUserIdFromToken(String token) { Claims claims = getClaimFromToken(token); return claims.get("id").toString(); 
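Review bot: `tokenCheck` returns true whenever the caller's `userSe` equals the `userSe` in that user's stored refresh token, and nothing in the visible lines tests for an administrator value, so any signed-in user with a stored refresh token would pass a check that the subject line ties to admin-page access; if this endpoint gates admin pages, also compare against the admin `userSe`. A missing, malformed or expired `Authorization` header reaches `getUserSeqFromToken` unguarded and would presumably surface as an exception (a 500) rather than `false`, depending on what `getClaimFromToken` throws, which is outside this hunk. The injected `loginVO` and `response` are unused. The sketch below guards the header and treats parse failures as a failed check; it assumes jjwt's parse exceptions propagate and needs an import for `JwtException`.

```java
@PostMapping("/token-check")
public boolean tokenCheck(HttpServletRequest request, HttpServletResponse response, @AuthenticationPrincipal UserInfo loginVO){
    String clientToken = request.getHeader("Authorization");
    if (clientToken == null || clientToken.isEmpty()) {
        return false; // no credential presented
    }
    try {
        String userSeq = egovJwtTokenUtil.getUserSeqFromToken(clientToken);
        RefreshToken refreshToken = refreshTokenRepository.findById(userSeq).orElse(null);
        if (refreshToken == null) {
            return false; // no server-side session recorded for this user
        }
        String serverToken = refreshToken.getRefreshToken();
        return egovJwtTokenUtil.getUserSeFromToken(clientToken)
                .equals(egovJwtTokenUtil.getUserSeFromToken(serverToken));
    } catch (JwtException | IllegalArgumentException e) {
        return false; // malformed, expired or wrongly signed token fails the check
    }
}
```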
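Review bot: `getUserSeqFromToken` calls `claims.get("userSeq").toString()` with no null check, so any still-valid token issued before this commit, which carries no `userSeq` claim, would throw a NullPointerException inside `/auth/token-check`. Guard it with `Object seq = claims.get("userSeq");`, then `if (seq == null) throw new IllegalArgumentException("token has no userSeq claim");`, then `return seq.toString();`. The same gap exists on the writing side in the `generateToken` hunk, where `loginVO.getUserSeq()` is stored unchecked. The comment `//retrieve username from jwt token` now sits above the new method and should move back to `getUserIdFromToken`; the class body continues outside the hunk.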
@@ -89,7 +93,8 @@ public class EgovJwtTokenUtil implements Serializable{
 // compaction of the JWT to a URL-safe string
 public String generateToken(UserInfo loginVO, String remoteAddr, Long sec) {
 Map claims = new HashMap<>();
- claims.put("id", loginVO.getUserId() );
+ claims.put("userSeq", loginVO.getUserSeq());
+ claims.put("id", loginVO.getUserId());
 claims.put("remoteAddr", remoteAddr);
 claims.put("userSe", loginVO.getUserSe() );
 claims.put("type", "Authorization");