diff --git a/src/main/java/io/company/localhost/common/exception/code/CommonErrorCode.java b/src/main/java/io/company/localhost/common/exception/code/CommonErrorCode.java
index 49a45a5..5d99fd4 100644
--- a/src/main/java/io/company/localhost/common/exception/code/CommonErrorCode.java
+++ b/src/main/java/io/company/localhost/common/exception/code/CommonErrorCode.java
@@ -23,13 +23,18 @@ import lombok.RequiredArgsConstructor;
 @RequiredArgsConstructor
 public enum CommonErrorCode implements ErrorCode {
- INVALID_PARAMETER(HttpStatus.BAD_REQUEST.value(),HttpStatus.BAD_REQUEST,"잘못된 매개변수가 포함되었습니다."),
- RESOURCE_NOT_FOUND(HttpStatus.NOT_FOUND.value(),HttpStatus.NOT_FOUND,"리소스가 존재하지 않습니다"),
- INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(),HttpStatus.INTERNAL_SERVER_ERROR,"내부 서버 오류"),
+ INVALID_PARAMETER(HttpStatus.BAD_REQUEST,"잘못된 매개변수가 포함되었습니다."),
+ RESOURCE_NOT_FOUND(HttpStatus.NOT_FOUND,"리소스가 존재하지 않습니다"),
+ INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR,"내부 서버 오류"),
 ;
 private final long code;
 private final HttpStatus httpStatus;
 private final String message;
+ CommonErrorCode(HttpStatus httpStatus, String message) {
+ this.code = httpStatus.value();
+ this.httpStatus = httpStatus;
+ this.message = message;
+ }
 }
diff --git a/src/main/java/io/company/localhost/common/exception/code/UserErrorCode.java b/src/main/java/io/company/localhost/common/exception/code/UserErrorCode.java
index d9ebbdf..c7a4be5 100644
--- a/src/main/java/io/company/localhost/common/exception/code/UserErrorCode.java
+++ b/src/main/java/io/company/localhost/common/exception/code/UserErrorCode.java
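Review bot: `@RequiredArgsConstructor` stays on the enum (context line at the top of the hunk) even though the hunk adds an explicit `CommonErrorCode(HttpStatus, String)` constructor. With three uninitialised final fields Lombok should still generate the `(long, HttpStatus, String)` constructor, so a later constant can again pass a `code` that disagrees with `httpStatus`, which appears to be the inconsistency this change is meant to rule out. Remove the annotation, and its import if nothing else uses it, so the two-argument constructor is the only way to build a constant; the same applies to the UserErrorCode hunk.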
@@ -24,13 +24,23 @@ import lombok.RequiredArgsConstructor;
 @RequiredArgsConstructor
 public enum UserErrorCode implements ErrorCode {
- NOT_AUTH_USER(HttpStatus.UNAUTHORIZED.value(),HttpStatus.UNAUTHORIZED ,"로그인이 필요합니다."),
- INACTIVE_USER(HttpStatus.FORBIDDEN.value(),HttpStatus.FORBIDDEN,"권한이 필요합니다.");
+ NOT_AUTH_USER(HttpStatus.UNAUTHORIZED ,"로그인이 필요합니다."),
+ INACTIVE_USER(HttpStatus.FORBIDDEN,"권한이 필요합니다."),
+ USER_NOT_FOUND(HttpStatus.UNAUTHORIZED,"아이디 혹은 비밀번호가 틀렸습니다."),
+ NOT_AUTHORIZED(HttpStatus.UNAUTHORIZED,"비인가 계정입니다."),
+ EXIT_USER(HttpStatus.UNAUTHORIZED,"탈퇴한 계정입니다."),
+ BAD_CREDENTIAL(HttpStatus.UNAUTHORIZED, "아이디 혹은 비밀번호 문제")
+ ;
 private final long code;
 private final HttpStatus httpStatus;
 private final String message;
+ UserErrorCode(HttpStatus httpStatus, String message) {
+ this.code = httpStatus.value();
+ this.httpStatus = httpStatus;
+ this.message = message;
+ }
 public ApiResponse getApiResponse() {
 return ApiResponse.error(this.getHttpStatus() , this.getMessage());
diff --git a/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java b/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java
index ae11f31..e8e6819 100644
--- a/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java
+++ b/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java
@@ -50,6 +50,7 @@ public class SecurityConfig {
 // 의존성 주입
 private final AuthenticationProvider memberAuthenticatorProvider;
 private final MemberPrincipalDetailService userDetailsService;
+ private final MemberAuthSuccessHandler successHandler;
 private final MemberAuthFailureHandler failureHandler;
 private final AuthorizationManager authorizationManager;
@@ -71,8 +72,6 @@ public class SecurityConfig { .authenticationProvider(memberAuthenticatorProvider) .build(); - MemberAuthSuccessHandler successHandler = new MemberAuthSuccessHandler(rememberMeServices()); - - http .securityMatcher("/api/**") // '/api/**' 경로에 대해서만 보안 적용 .authorizeHttpRequests(auth ->
diff --git a/src/main/java/io/company/localhost/common/security/handler/MemberAuthFailureHandler.java b/src/main/java/io/company/localhost/common/security/handler/MemberAuthFailureHandler.java
index 4ef6488..3acbd4d 100644
--- a/src/main/java/io/company/localhost/common/security/handler/MemberAuthFailureHandler.java
+++ b/src/main/java/io/company/localhost/common/security/handler/MemberAuthFailureHandler.java
@@ -15,10 +15,11 @@ package io.company.localhost.common.security.handler;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import io.company.localhost.common.dto.ApiResponse;
+import io.company.localhost.common.exception.code.UserErrorCode;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.http.MediaType;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.stereotype.Component;
@@ -35,10 +36,17 @@ public class MemberAuthFailureHandler implements AuthenticationFailureHandler {
 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
 response.setContentType(MediaType.APPLICATION_JSON_VALUE);
- if (exception instanceof BadCredentialsException) {
- mapper.writeValue(response.getWriter(),"아이디 혹은 비밀번호 문제");
+ ApiResponse res = UserErrorCode.BAD_CREDENTIAL.getApiResponse();
+ String message = exception.getMessage();
+
+ if (message.startsWith("NOT_FOUND")) {
+ res = UserErrorCode.USER_NOT_FOUND.getApiResponse();
+ } else if (message.startsWith("NOT_AUTHORIZED")) {
+ res = UserErrorCode.NOT_AUTHORIZED.getApiResponse();
+ } else if (message.startsWith("EXIT")) {
+ res = UserErrorCode.EXIT_USER.getApiResponse();
 }
- mapper.writeValue(response.getWriter(), "인증 실패");
+ response.getWriter().write(mapper.writeValueAsString(res));
 }
 }
diff --git a/src/main/java/io/company/localhost/common/security/handler/MemberAuthSuccessHandler.java b/src/main/java/io/company/localhost/common/security/handler/MemberAuthSuccessHandler.java
index 430814d..e125983 100644
--- a/src/main/java/io/company/localhost/common/security/handler/MemberAuthSuccessHandler.java
+++ b/src/main/java/io/company/localhost/common/security/handler/MemberAuthSuccessHandler.java
@@ -15,7 +15,7 @@ package io.company.localhost.common.security.handler;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import io.company.localhost.vo.MemberVo;
+import io.company.localhost.common.dto.ApiResponse;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
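Review bot: The NOT_AUTHORIZED and EXIT_USER branches tell an unauthenticated caller that the submitted id exists and what state the account is in; the MemberPrincipalDetailService hunk raises these from the user lookup, which in a UserDetailsService normally runs before the password is compared. Consider answering every failure with `UserErrorCode.BAD_CREDENTIAL.getApiResponse()` and logging the specific reason server-side, or revealing account state only after the credentials have been verified. Separately, `exception.getMessage()` can be null, and `message.startsWith(...)` would then throw inside the failure handler; guard it with `String message = exception.getMessage() == null ? "" : exception.getMessage();`. The handler method begins outside the hunk.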
@@ -25,7 +25,6 @@ import org.springframework.http.MediaType;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.WebAttributes;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.RememberMeServices;
 import org.springframework.stereotype.Component;
 import java.io.IOException;
@@ -34,21 +33,14 @@ import java.io.IOException; @Component("successHandler") public class MemberAuthSuccessHandler implements AuthenticationSuccessHandler{ - private final RememberMeServices rememberMeServices; - - public MemberAuthSuccessHandler(RememberMeServices rememberMeServices) { - this.rememberMeServices = rememberMeServices; - } - @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException { ObjectMapper mapper = new ObjectMapper(); - MemberVo member = (MemberVo) authentication.getPrincipal(); response.setStatus(HttpStatus.OK.value()); response.setContentType(MediaType.APPLICATION_JSON_VALUE); - mapper.writeValue(response.getWriter(), member); + response.getWriter().write(mapper.writeValueAsString(ApiResponse.ok("Success"))); clearAuthenticationAttributes(request); }
diff --git a/src/main/java/io/company/localhost/common/security/service/MemberPrincipalDetailService.java b/src/main/java/io/company/localhost/common/security/service/MemberPrincipalDetailService.java
index 288e35e..3a6b9b4 100644
--- a/src/main/java/io/company/localhost/common/security/service/MemberPrincipalDetailService.java
+++ b/src/main/java/io/company/localhost/common/security/service/MemberPrincipalDetailService.java
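Review bot: Nothing in the new `onAuthenticationSuccess` body records why the response is now a fixed `ApiResponse.ok("Success")` rather than the principal, so a later change could restore `mapper.writeValue(response.getWriter(), member)` without noticing what it exposes. MemberVo is not visible here, but a principal object commonly carries credential or internal account fields. I would add a comment above the write, such as `// Do not serialise the principal here: the login response must not expose account fields`.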
@@ -36,13 +36,13 @@ public class MemberPrincipalDetailService implements UserDetailsService {
 // 없을경우 에러 발생
 if(member == null)
- throw new UsernameNotFoundException(id + "을 찾을 수 없습니다.");
+ throw new UsernameNotFoundException("NOT_FOUND");
 if(!"Y".equals(member.getIsUsed()))
- throw new UsernameNotFoundException("사용할 수 없는 계정입니다.");
+ throw new UsernameNotFoundException("NOT_AUTHORIZED");
 if(!"N".equals(member.getIsDel()))
- throw new UsernameNotFoundException("삭제된 계정입니다.");
+ throw new UsernameNotFoundException("EXIT");
 // MemberPrincipalDetails 에 Member 객체를 넘겨줌
 return new MemberPrincipalDetails(member);
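Review bot: The three outcomes are now magic strings inside `UsernameNotFoundException` messages that MemberAuthFailureHandler matches with `startsWith`, so a reworded or mistyped message silently falls back to BAD_CREDENTIAL, and a disabled or withdrawn account is reported with an exception type that means "no such user". Whether these messages reach the handler at all depends on `memberAuthenticatorProvider`, which is not shown: Spring Security's stock `DaoAuthenticationProvider` replaces `UsernameNotFoundException` with `BadCredentialsException` unless `hideUserNotFoundExceptions` is turned off. Prefer carrying account state in the returned `UserDetails` (for example `isEnabled()` reflecting `isUsed`) so the provider can raise a typed exception such as `DisabledException`, and branch on `instanceof` in the handler. The enclosing method starts and ends outside the hunk.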