feat : SpringSecurity 적용 및 유저 권한 API체크

src/main/java/kusitms/gallae/config/ExceptionHandlerAdvice.java

@@ -1,6 +1,7 @@
 package kusitms.gallae.config;
 
 import jakarta.servlet.http.HttpServletRequest;
+import kusitms.gallae.global.jwt.JwtException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -18,6 +19,13 @@ public ResponseEntity<BaseResponse<?>> handleBaseException(BaseException e, Http
         return ResponseEntity.status(e.getStatus().getHttpStatus()).body(new BaseResponse<>(e.getStatus()));
     }
 
+
+    @ExceptionHandler(JwtException.class)
+    public ResponseEntity<BaseResponse<?>> handleJwtException(BaseException e, HttpServletRequest request) {
+
+        return ResponseEntity.status(e.getStatus().getHttpStatus()).body(new BaseResponse<>(e.getStatus()));
+    }
+
     @ExceptionHandler(IOException.class)
     public ResponseEntity<BaseResponse<?>> handleIOException(BaseException e, HttpServletRequest request) {
 

src/main/java/kusitms/gallae/config/SpringSecurityConfig.java

@@ -1,6 +1,7 @@
 package kusitms.gallae.config;
 
 
+import kusitms.gallae.global.Role;
 import kusitms.gallae.global.jwt.JwtAccessDeniedHandler;
 import kusitms.gallae.global.jwt.JwtAuthenticationEntryPoint;
 import kusitms.gallae.global.jwt.JwtAuthenticationFilter;
@@ -49,6 +50,7 @@ public SecurityFilterChain SecurityFilterChain(HttpSecurity httpSecurity) throws
                 .csrf().disable()
                 .cors().configurationSource(corsConfigurationSource()).and()
                 .authorizeHttpRequests()
+                .requestMatchers("/manager/**").hasRole(Role.MANAGER.getValue())
                 .anyRequest().permitAll().and()
                 .exceptionHandling()
                 .authenticationEntryPoint(this.jwtAuthenticationEntryPoint)

src/main/java/kusitms/gallae/controller/ManagerController.java

@@ -14,6 +14,7 @@
 import kusitms.gallae.dto.program.ProgramPageMangagerRes;
 import kusitms.gallae.dto.program.ProgramPostReq;
 import kusitms.gallae.global.S3Service;
+import kusitms.gallae.global.jwt.AuthUtil;
 import kusitms.gallae.service.admin.ManagerService;
 import kusitms.gallae.service.program.ProgramService;
 import lombok.RequiredArgsConstructor;
@@ -24,6 +25,7 @@
 import org.springframework.web.multipart.MultipartFile;
 
 import java.io.IOException;
+import java.security.Principal;
 
 
 @RequiredArgsConstructor
@@ -62,6 +64,8 @@ public ResponseEntity<BaseResponse> deleteTempProgram(
 
     @Operation(summary = "프로그램 저장", description = """
             프로그램 저장을 합니다.
+            
+            포스트맨에서 테스트 하세요
             다른 API와 다르게 파일과 json Data를 구분해야합니다.
             프론트엔드 분은 아래 링크를 참고 해주세요
             
@@ -77,20 +81,18 @@ public ResponseEntity<BaseResponse> deleteTempProgram(
             \n
             2번을 위한 API  
             """)
-    @PostMapping(value = "/save", consumes = { MediaType.MULTIPART_FORM_DATA_VALUE})
+    @PostMapping(value = "/save")
     public ResponseEntity<BaseResponse> saveProgram(
-            @Parameter(description = "이미지 제외하고 전부")
-            @RequestPart
-            PostModel model,
+            Principal principal,
 
-            @Parameter(description = "프로그램 이미지")
-            @RequestPart(required = false)
-            MultipartFile photo
+            @ModelAttribute
+            PostModel model
     ) throws IOException {
         String photoUrl = null;
-        if(photo != null) {
-            photoUrl = s3Service.upload(photo);
+        if(model.getPhoto() != null) {
+            photoUrl = s3Service.upload(model.getPhoto());
         }
+
         ProgramPostReq programPostReq = new ProgramPostReq();
         programPostReq.setProgramName(model.getProgramName());
         programPostReq.setPhotoUrl(photoUrl);
@@ -106,7 +108,7 @@ public ResponseEntity<BaseResponse> saveProgram(
         programPostReq.setLink(model.getLink());
         programPostReq.setHashtag(model.getHashtag());
         programPostReq.setBody(model.getBody());
-        this.managerService.postProgram(programPostReq);
+        this.managerService.postProgram(programPostReq, principal.getName());
 
         return ResponseEntity.ok(new BaseResponse<>(BaseResponseStatus.SUCCESS));
     }
@@ -130,6 +132,8 @@ public ResponseEntity<BaseResponse<ProgramDetailRes>> findProgramDetail(
             """)
     @GetMapping("/progressPrograms")
     public ResponseEntity<BaseResponse<ProgramPageMangagerRes>> findProgramManagerProgress(
+            Principal principal,
+
             @Parameter(description = "프로그램 타입")
             @RequestParam(value = "programType", required = false)
             String programType,
@@ -150,7 +154,7 @@ public ResponseEntity<BaseResponse<ProgramPageMangagerRes>> findProgramManagerPr
         programManagerReq.setStatus(Program.ProgramStatus.SAVE);
         PageRequest pageRequest = PageRequest.of(pageNumber,pagingSize);
         programManagerReq.setPageable(pageRequest);
-        return ResponseEntity.ok(new BaseResponse<>(this.managerService.getManagerPrograms(programManagerReq)));
+        return ResponseEntity.ok(new BaseResponse<>(this.managerService.getManagerPrograms(programManagerReq, principal.getName())));
     }
 
     @Operation(summary = "관리자 프로그램 중 마감된 정보들 가져오기", description = """
@@ -159,6 +163,8 @@ public ResponseEntity<BaseResponse<ProgramPageMangagerRes>> findProgramManagerPr
             """)
     @GetMapping("/finishPrograms")
     public ResponseEntity<BaseResponse<ProgramPageMangagerRes>> findProgramManagerFinish(
+            Principal principal,
+
             @Parameter(description = "프로그램 유형")
             @RequestParam(value = "programType", required = false)
             String programType,
@@ -179,7 +185,7 @@ public ResponseEntity<BaseResponse<ProgramPageMangagerRes>> findProgramManagerFi
         programManagerReq.setStatus(Program.ProgramStatus.FINISH);
         PageRequest pageRequest = PageRequest.of(pageNumber,pagingSize);
         programManagerReq.setPageable(pageRequest);
-        return ResponseEntity.ok(new BaseResponse<>(this.managerService.getManagerPrograms(programManagerReq)));
+        return ResponseEntity.ok(new BaseResponse<>(this.managerService.getManagerPrograms(programManagerReq, principal.getName())));
     }
 
     @Operation(summary = "프로그램 임시저장", description = """
@@ -190,19 +196,16 @@ public ResponseEntity<BaseResponse<ProgramPageMangagerRes>> findProgramManagerFi
             https://leeggmin.tistory.com/7
             
             """)
-    @PostMapping(value = "/tempSave", consumes = { MediaType.MULTIPART_FORM_DATA_VALUE})
+    @PostMapping(value = "/tempSave")
     public ResponseEntity<BaseResponse> tempSaveProgram(
-            @Parameter(description = "이미지 제외하고 전부")
-            @RequestPart
-            PostModel model,
+            Principal principal,
 
-            @Parameter(description = "프로그램 이미지")
-            @RequestPart(required = false)
-            MultipartFile photo
+            @ModelAttribute
+            PostModel model
     ) throws IOException {
         String photoUrl = null;
-        if(photo != null) {
-            photoUrl = s3Service.upload(photo);
+        if(model.getPhoto() != null) {
+            photoUrl = s3Service.upload(model.getPhoto());
         }
         ProgramPostReq programPostReq = new ProgramPostReq();
         programPostReq.setProgramName(model.getProgramName());
@@ -219,7 +222,7 @@ public ResponseEntity<BaseResponse> tempSaveProgram(
         programPostReq.setLink(model.getLink());
         programPostReq.setHashtag(model.getHashtag());
         programPostReq.setBody(model.getBody());
-        this.managerService.postTempProgram(programPostReq);
+        this.managerService.postTempProgram(programPostReq, principal.getName());
 
         return ResponseEntity.ok(new BaseResponse<>(BaseResponseStatus.SUCCESS));
     }
@@ -238,9 +241,10 @@ public ResponseEntity<BaseResponse> tempSaveProgram(
             1번을 위한 API
             """)
     @GetMapping("/findTemp")
-    public ResponseEntity<BaseResponse<ProgramPostReq>> findTempProgram() {
+    public ResponseEntity<BaseResponse<ProgramPostReq>> findTempProgram(Principal principal) {
+
         //사용자 로그인 들어오면
-        return ResponseEntity.ok(new BaseResponse<>(this.managerService.getTempProgram()));
+        return ResponseEntity.ok(new BaseResponse<>(this.managerService.getTempProgram(principal.getName())));
     }
 
 

src/main/java/kusitms/gallae/controller/UserController.java

@@ -1,7 +1,11 @@
 package kusitms.gallae.controller;
 
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import kusitms.gallae.config.BaseResponse;
 import kusitms.gallae.config.BaseResponseStatus;
 import kusitms.gallae.domain.User;
+import kusitms.gallae.dto.user.ManagerRegistratiorDto;
 import kusitms.gallae.dto.user.UserRegistrationDto;
 import kusitms.gallae.service.user.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -19,7 +23,7 @@ public UserController(UserService userService) {
         this.userService = userService;
     }
 
-    @PostMapping("/register")
+    @PostMapping("/register/user")
     public ResponseEntity<?> registerUser(@ModelAttribute UserRegistrationDto registrationDto) {
         try {
             userService.registerNewUser(registrationDto);
@@ -28,4 +32,42 @@ public ResponseEntity<?> registerUser(@ModelAttribute UserRegistrationDto regist
             return ResponseEntity.badRequest().body(e.getMessage());
         }
     }
+
+    @PostMapping("/register/manager")
+    public ResponseEntity<?> registerManager(@ModelAttribute ManagerRegistratiorDto registrationDto) {
+        try {
+            userService.registerNewManager(registrationDto);
+            return ResponseEntity.ok(BaseResponseStatus.SUCCESS);
+        } catch (Exception e) {
+            return ResponseEntity.badRequest().body(e.getMessage());
+        }
+    }
+
+    @Operation(summary = "닉네임 중복 체크", description = """
+            중복되면 true,
+            아니면 False;
+            
+            """)
+    @GetMapping("/checkNickname")
+    public  ResponseEntity<BaseResponse<Boolean>> checkNickName(
+            @Parameter(description = "닉네임", example = "이름")
+            @RequestParam(value = "NickName")
+            String nickName
+    ) {
+        return ResponseEntity.ok(new BaseResponse<>(userService.checkDuplicateNickName(nickName)));
+    }
+
+    @Operation(summary = "로그인 중복 체크", description = """
+            중복되면 true,
+            아니면 False;
+            
+            """)
+    @GetMapping("/checkLoginId")
+    public  ResponseEntity<BaseResponse<Boolean>> checkLoginId(
+            @Parameter(description = "아이", example = "이름")
+            @RequestParam(value = "loginId")
+            String loginId
+    ) {
+        return ResponseEntity.ok(new BaseResponse<>(userService.checkDuplicateLoginId(loginId)));
+    }
 }

src/main/java/kusitms/gallae/domain/User.java

@@ -25,17 +25,22 @@ public class User {
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;
 
-    private String nickName;
+    private String nickName;   //기업이면 이게 기관명
+
+    private String registrationNum;
+
+    private String department;  //담당 부서
 
     private String loginId;
 
     private String loginPw;
 
     private String refreshToken;
-    private String name;
+    private String name;   //담당자 명
     private String phoneNumber;
     private String email;
     private String profileImageUrl;
+    private Long point;
 
     @Enumerated(EnumType.STRING)
     @Column(nullable = false)

src/main/java/kusitms/gallae/dto/model/PostModel.java

@@ -46,4 +46,6 @@ public class PostModel {
     private String hashtag;
 
     private String body;
+
+    private MultipartFile photo;
 }

src/main/java/kusitms/gallae/dto/user/ManagerRegistratiorDto.java

@@ -0,0 +1,32 @@
+package kusitms.gallae.dto.user;
+
+
+import lombok.Data;
+import org.springframework.web.multipart.MultipartFile;
+
+@Data
+public class ManagerRegistratiorDto {
+
+    private String companyName;
+
+    private String registNum;
+
+    private String department;
+
+    private String name;
+
+    private String loginId;
+
+    private String loginPw;
+
+    private String email;
+
+    private String phoneNum;
+
+    private MultipartFile profileImage;
+
+    public MultipartFile getProfileImage() {
+        return profileImage;
+    }
+
+}

src/main/java/kusitms/gallae/global/jwt/JwtProvider.java

@@ -24,7 +24,7 @@ public class JwtProvider{
     private static final String AUTHORITIES_KEY = "authorities";
 
     private final String secret="wewef23fewfwfwfeefkalefalekfalekfaef2iweifejslqeqwew";
-    private final long durationSeconds= 12*60*60;
+    private final long durationSeconds= 12*60*60*60*60*1000;
 
 
     public String createToken(String username, List<Role> roles) {

src/main/java/kusitms/gallae/repository/user/UserRepository.java

@@ -13,5 +13,7 @@ public interface UserRepository extends JpaRepository<User, Long> {
     boolean existsByNickName(String nickName);
     Optional<User> findByLoginId(String loginId);
 
+    Optional<User> findByName(String username);
+
     Optional<User> findByLoginIdAndLoginPw(String loginId, String loginPw);
 }

src/main/java/kusitms/gallae/service/admin/ManagerService.java

@@ -5,15 +5,15 @@
 public interface ManagerService {
 
 
-    void postProgram(ProgramPostReq programPostReq);
+    void postProgram(ProgramPostReq programPostReq,String username);
 
-    void postTempProgram(ProgramPostReq programPostReq);
+    void postTempProgram(ProgramPostReq programPostReq,String username);
 
-    ProgramPostReq getTempProgram();
+    ProgramPostReq getTempProgram(String username);
 
     ProgramDetailRes getProgramDetail(Long id);
 
-    ProgramPageMangagerRes getManagerPrograms(ProgramManagerReq programManagerReq);
+    ProgramPageMangagerRes getManagerPrograms(ProgramManagerReq programManagerReq, String username);
 
     void deleteTempProgram(Long programId);