diff --git a/src/main/java/com/goi/erp/auth/AuthenticationController.java b/src/main/java/com/goi/erp/auth/AuthenticationController.java index 718d3d5..08a72c1 100644 --- a/src/main/java/com/goi/erp/auth/AuthenticationController.java +++ b/src/main/java/com/goi/erp/auth/AuthenticationController.java @@ -4,8 +4,13 @@ import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.authentication.AnonymousAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.*; +import com.goi.erp.employee.EmployeeDetails; + import java.io.IOException; @RestController @@ -46,4 +51,33 @@ public class AuthenticationController { authenticationService.authenticateSystem(request) ); } + + @GetMapping("/me") + public AuthenticationResponse me() { + + Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); + + if (authentication == null || + !authentication.isAuthenticated() || + authentication instanceof AnonymousAuthenticationToken) { + + return AuthenticationResponse.builder() + .authenticated(false) + .build(); + } + + EmployeeDetails principal = (EmployeeDetails) authentication.getPrincipal(); + + return AuthenticationResponse.builder() + .authenticated(true) + .loginId(principal.getUsername()) + .firstName(principal.getEmployee().getEmpFirstName()) + .lastName(principal.getEmployee().getEmpLastName()) + .roles( + principal.getAuthorities().stream() + .map(a -> a.getAuthority()) + .toList() + ) + .build(); + } } diff --git a/src/main/java/com/goi/erp/config/JwtAuthenticationFilter.java b/src/main/java/com/goi/erp/config/JwtAuthenticationFilter.java index b49be1a..b68b570 100644 --- a/src/main/java/com/goi/erp/config/JwtAuthenticationFilter.java +++ b/src/main/java/com/goi/erp/config/JwtAuthenticationFilter.java @@ -14,6 +14,7 @@ import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import com.goi.erp.auth.AuthCookieService; +import com.goi.erp.token.TokenRepository; import java.io.IOException; import java.util.Optional; @@ -25,6 +26,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtService jwtService; private final UserDetailsService userDetailsService; private final AuthCookieService authCookieService; + private final TokenRepository tokenRepository; @Override protected void doFilterInternal( @@ -39,7 +41,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { } String jwt = resolveToken(request); - if (jwt == null) { filterChain.doFilter(request, response); return; @@ -55,11 +56,22 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { UserDetails userDetails = userDetailsService.loadUserByUsername(username); + // 1. JWT 자체 유효성 if (!jwtService.isTokenValid(jwt, userDetails)) { filterChain.doFilter(request, response); return; } + // 2. DB 토큰 상태 확인 + boolean isTokenActive = tokenRepository + .findByToken(jwt) + .map(t -> !t.isExpired() && !t.isRevoked()) + .orElse(false); + if (!isTokenActive) { + filterChain.doFilter(request, response); + return; + } + UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails, @@ -82,10 +94,10 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { */ private String resolveToken(HttpServletRequest request) { - String authHeader = request.getHeader("Authorization"); - if (authHeader != null && authHeader.startsWith("Bearer ")) { - return authHeader.substring(7); - } +// String authHeader = request.getHeader("Authorization"); +// if (authHeader != null && authHeader.startsWith("Bearer ")) { +// return authHeader.substring(7); +// } Optional cookieToken = authCookieService.extractJwt(request); return cookieToken.orElse(null); diff --git a/src/main/java/com/goi/erp/config/SecurityConfiguration.java b/src/main/java/com/goi/erp/config/SecurityConfiguration.java index 3181b10..29c586d 100644 --- a/src/main/java/com/goi/erp/config/SecurityConfiguration.java +++ b/src/main/java/com/goi/erp/config/SecurityConfiguration.java @@ -62,7 +62,11 @@ public class SecurityConfiguration { public CorsConfigurationSource corsConfigurationSource() { CorsConfiguration config = new CorsConfiguration(); - config.setAllowedOrigins(List.of("http://localhost:5173")); + config.setAllowedOriginPatterns(List.of( + "http://localhost:5173", + "http://192.168.*.*:5173", + "http://10.*.*.*:5173" + )); config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS")); config.setAllowedHeaders(List.of("Authorization", "Content-Type", "X-CSRF-TOKEN")); config.setAllowCredentials(true); diff --git a/src/main/java/com/goi/erp/employee/Employee.java b/src/main/java/com/goi/erp/employee/Employee.java index 7c1d739..1027c5a 100644 --- a/src/main/java/com/goi/erp/employee/Employee.java +++ b/src/main/java/com/goi/erp/employee/Employee.java @@ -2,8 +2,6 @@ package com.goi.erp.employee; import jakarta.persistence.Column; import jakarta.persistence.Entity; -import jakarta.persistence.GeneratedValue; -import jakarta.persistence.GenerationType; import jakarta.persistence.Id; import jakarta.persistence.Table; import java.util.UUID; @@ -14,36 +12,32 @@ import lombok.Data; import lombok.NoArgsConstructor; @Entity -@Table(name = "employee") +@Table(schema="hcm", name = "vw_auth_employee") @Data @NoArgsConstructor @AllArgsConstructor @Builder public class Employee { @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "emp_id") - private Long empId; // 내부 PK, 외부 노출 X + private Long empId; - @Column(name = "emp_uuid", unique = true, nullable = false) - private UUID empUuid; // 외부 키로 사용 + @Column(name = "emp_uuid") + private UUID empUuid; - @Column(name = "emp_login_id", unique = true, nullable = false) + @Column(name = "emp_login_id") private String empLoginId; - @Column(name = "emp_login_password", nullable = false) + @Column(name = "emp_login_password") private String empLoginPassword; + @Column(name = "emp_status") + private String empStatus; + @Column(name = "emp_first_name") private String empFirstName; @Column(name = "emp_last_name") private String empLastName; - - @Column(name = "emp_dept_id") - private Long empDeptId; - - @Column(name = "emp_status", columnDefinition = "CHAR(1)") - private String empStatus; } diff --git a/src/main/java/com/goi/erp/employee/EmployeeRole.java b/src/main/java/com/goi/erp/employee/EmployeeRole.java index 9af12ce..c298613 100644 --- a/src/main/java/com/goi/erp/employee/EmployeeRole.java +++ b/src/main/java/com/goi/erp/employee/EmployeeRole.java @@ -21,7 +21,7 @@ import lombok.Data; import lombok.NoArgsConstructor; @Entity -@Table(name = "employee_role") +@Table(schema="auth", name = "employee_role") @Data @NoArgsConstructor @AllArgsConstructor diff --git a/src/main/java/com/goi/erp/permission/PermissionInfo.java b/src/main/java/com/goi/erp/permission/PermissionInfo.java index 546bb91..a3a8a53 100644 --- a/src/main/java/com/goi/erp/permission/PermissionInfo.java +++ b/src/main/java/com/goi/erp/permission/PermissionInfo.java @@ -16,7 +16,7 @@ import lombok.Data; import lombok.NoArgsConstructor; @Entity -@Table(name = "permission_info", +@Table(schema="auth", name = "permission_info", uniqueConstraints = @UniqueConstraint(columnNames = {"perm_module", "perm_action", "perm_scope"})) @Data @NoArgsConstructor diff --git a/src/main/java/com/goi/erp/role/RoleInfo.java b/src/main/java/com/goi/erp/role/RoleInfo.java index b4680fb..8fe6e14 100644 --- a/src/main/java/com/goi/erp/role/RoleInfo.java +++ b/src/main/java/com/goi/erp/role/RoleInfo.java @@ -19,7 +19,7 @@ import lombok.Data; import lombok.NoArgsConstructor; @Entity -@Table(name = "role_info") +@Table(schema="auth", name = "role_info") @Data @NoArgsConstructor @AllArgsConstructor diff --git a/src/main/java/com/goi/erp/role/RolePermission.java b/src/main/java/com/goi/erp/role/RolePermission.java index acce332..a894e94 100644 --- a/src/main/java/com/goi/erp/role/RolePermission.java +++ b/src/main/java/com/goi/erp/role/RolePermission.java @@ -18,7 +18,7 @@ import lombok.Data; import lombok.NoArgsConstructor; @Entity -@Table(name = "role_permission") +@Table(schema="auth", name = "role_permission") @Data @NoArgsConstructor @AllArgsConstructor diff --git a/src/main/java/com/goi/erp/token/Token.java b/src/main/java/com/goi/erp/token/Token.java index db14bdb..2ed9680 100644 --- a/src/main/java/com/goi/erp/token/Token.java +++ b/src/main/java/com/goi/erp/token/Token.java @@ -19,7 +19,7 @@ import lombok.Data; import lombok.NoArgsConstructor; @Entity -@Table(name = "employee_token") +@Table(schema="auth", name = "employee_token") @Data @NoArgsConstructor @AllArgsConstructor