로그인할 때 토큰 확인 제외
This commit is contained in:
parent
7453e19b2b
commit
544a653f47
|
|
@ -54,7 +54,13 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|||
return;
|
||||
}
|
||||
|
||||
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
|
||||
UserDetails userDetails;
|
||||
try {
|
||||
userDetails = userDetailsService.loadUserByUsername(username);
|
||||
} catch (Exception e) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
// 1. JWT 자체 유효성
|
||||
if (!jwtService.isTokenValid(jwt, userDetails)) {
|
||||
|
|
@ -87,6 +93,14 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|||
filterChain.doFilter(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean shouldNotFilter(HttpServletRequest request) {
|
||||
String p = request.getServletPath(); // context-path(/auth-service) 제외된 경로
|
||||
return p.equals("/auth/login")
|
||||
|| p.equals("/auth/token/refresh")
|
||||
|| p.equals("/auth/login/system");
|
||||
}
|
||||
|
||||
/**
|
||||
* JWT 추출 우선순위:
|
||||
* 1. Authorization Header
|
||||
|
|
|
|||
|
|
@ -0,0 +1,15 @@
|
|||
package com.goi.security;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
|
||||
class PasswordHashTest {
|
||||
|
||||
@Test
|
||||
void generate() {
|
||||
String hash = new BCryptPasswordEncoder().encode("1111");
|
||||
System.out.println("HASH = " + hash);
|
||||
System.out.println("matches = " + new BCryptPasswordEncoder().matches("1111", hash));
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue