parent
68233402fc
commit
6bb2817654
|
|
@ -4,8 +4,13 @@ import jakarta.servlet.http.HttpServletRequest;
|
|||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import com.goi.erp.employee.EmployeeDetails;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@RestController
|
||||
|
|
@ -46,4 +51,33 @@ public class AuthenticationController {
|
|||
authenticationService.authenticateSystem(request)
|
||||
);
|
||||
}
|
||||
|
||||
@GetMapping("/me")
|
||||
public AuthenticationResponse me() {
|
||||
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
|
||||
if (authentication == null ||
|
||||
!authentication.isAuthenticated() ||
|
||||
authentication instanceof AnonymousAuthenticationToken) {
|
||||
|
||||
return AuthenticationResponse.builder()
|
||||
.authenticated(false)
|
||||
.build();
|
||||
}
|
||||
|
||||
EmployeeDetails principal = (EmployeeDetails) authentication.getPrincipal();
|
||||
|
||||
return AuthenticationResponse.builder()
|
||||
.authenticated(true)
|
||||
.loginId(principal.getUsername())
|
||||
.firstName(principal.getEmployee().getEmpFirstName())
|
||||
.lastName(principal.getEmployee().getEmpLastName())
|
||||
.roles(
|
||||
principal.getAuthorities().stream()
|
||||
.map(a -> a.getAuthority())
|
||||
.toList()
|
||||
)
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ import org.springframework.stereotype.Component;
|
|||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import com.goi.erp.auth.AuthCookieService;
|
||||
import com.goi.erp.token.TokenRepository;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Optional;
|
||||
|
|
@ -25,6 +26,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|||
private final JwtService jwtService;
|
||||
private final UserDetailsService userDetailsService;
|
||||
private final AuthCookieService authCookieService;
|
||||
private final TokenRepository tokenRepository;
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(
|
||||
|
|
@ -39,7 +41,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|||
}
|
||||
|
||||
String jwt = resolveToken(request);
|
||||
|
||||
if (jwt == null) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
|
|
@ -55,11 +56,22 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|||
|
||||
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
|
||||
|
||||
// 1. JWT 자체 유효성
|
||||
if (!jwtService.isTokenValid(jwt, userDetails)) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
// 2. DB 토큰 상태 확인
|
||||
boolean isTokenActive = tokenRepository
|
||||
.findByToken(jwt)
|
||||
.map(t -> !t.isExpired() && !t.isRevoked())
|
||||
.orElse(false);
|
||||
if (!isTokenActive) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
UsernamePasswordAuthenticationToken authentication =
|
||||
new UsernamePasswordAuthenticationToken(
|
||||
userDetails,
|
||||
|
|
@ -82,10 +94,10 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|||
*/
|
||||
private String resolveToken(HttpServletRequest request) {
|
||||
|
||||
String authHeader = request.getHeader("Authorization");
|
||||
if (authHeader != null && authHeader.startsWith("Bearer ")) {
|
||||
return authHeader.substring(7);
|
||||
}
|
||||
// String authHeader = request.getHeader("Authorization");
|
||||
// if (authHeader != null && authHeader.startsWith("Bearer ")) {
|
||||
// return authHeader.substring(7);
|
||||
// }
|
||||
|
||||
Optional<String> cookieToken = authCookieService.extractJwt(request);
|
||||
return cookieToken.orElse(null);
|
||||
|
|
|
|||
|
|
@ -62,7 +62,11 @@ public class SecurityConfiguration {
|
|||
public CorsConfigurationSource corsConfigurationSource() {
|
||||
CorsConfiguration config = new CorsConfiguration();
|
||||
|
||||
config.setAllowedOrigins(List.of("http://localhost:5173"));
|
||||
config.setAllowedOriginPatterns(List.of(
|
||||
"http://localhost:5173",
|
||||
"http://192.168.*.*:5173",
|
||||
"http://10.*.*.*:5173"
|
||||
));
|
||||
config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
|
||||
config.setAllowedHeaders(List.of("Authorization", "Content-Type", "X-CSRF-TOKEN"));
|
||||
config.setAllowCredentials(true);
|
||||
|
|
|
|||
|
|
@ -2,8 +2,6 @@ package com.goi.erp.employee;
|
|||
|
||||
import jakarta.persistence.Column;
|
||||
import jakarta.persistence.Entity;
|
||||
import jakarta.persistence.GeneratedValue;
|
||||
import jakarta.persistence.GenerationType;
|
||||
import jakarta.persistence.Id;
|
||||
import jakarta.persistence.Table;
|
||||
import java.util.UUID;
|
||||
|
|
@ -14,36 +12,32 @@ import lombok.Data;
|
|||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Entity
|
||||
@Table(name = "employee")
|
||||
@Table(schema="hcm", name = "vw_auth_employee")
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
@Builder
|
||||
public class Employee {
|
||||
@Id
|
||||
@GeneratedValue(strategy = GenerationType.IDENTITY)
|
||||
@Column(name = "emp_id")
|
||||
private Long empId; // 내부 PK, 외부 노출 X
|
||||
private Long empId;
|
||||
|
||||
@Column(name = "emp_uuid", unique = true, nullable = false)
|
||||
private UUID empUuid; // 외부 키로 사용
|
||||
@Column(name = "emp_uuid")
|
||||
private UUID empUuid;
|
||||
|
||||
@Column(name = "emp_login_id", unique = true, nullable = false)
|
||||
@Column(name = "emp_login_id")
|
||||
private String empLoginId;
|
||||
|
||||
@Column(name = "emp_login_password", nullable = false)
|
||||
@Column(name = "emp_login_password")
|
||||
private String empLoginPassword;
|
||||
|
||||
@Column(name = "emp_status")
|
||||
private String empStatus;
|
||||
|
||||
@Column(name = "emp_first_name")
|
||||
private String empFirstName;
|
||||
|
||||
@Column(name = "emp_last_name")
|
||||
private String empLastName;
|
||||
|
||||
@Column(name = "emp_dept_id")
|
||||
private Long empDeptId;
|
||||
|
||||
@Column(name = "emp_status", columnDefinition = "CHAR(1)")
|
||||
private String empStatus;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ import lombok.Data;
|
|||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Entity
|
||||
@Table(name = "employee_role")
|
||||
@Table(schema="auth", name = "employee_role")
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ import lombok.Data;
|
|||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Entity
|
||||
@Table(name = "permission_info",
|
||||
@Table(schema="auth", name = "permission_info",
|
||||
uniqueConstraints = @UniqueConstraint(columnNames = {"perm_module", "perm_action", "perm_scope"}))
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ import lombok.Data;
|
|||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Entity
|
||||
@Table(name = "role_info")
|
||||
@Table(schema="auth", name = "role_info")
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ import lombok.Data;
|
|||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Entity
|
||||
@Table(name = "role_permission")
|
||||
@Table(schema="auth", name = "role_permission")
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ import lombok.Data;
|
|||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Entity
|
||||
@Table(name = "employee_token")
|
||||
@Table(schema="auth", name = "employee_token")
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
|
|
|
|||
Loading…
Reference in New Issue