pav
/
pav-server
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

token에 권한정보 추가

feature/auth
지대한 2 years ago
parent
2795f65d50
commit
4422c2b47e
5 changed files with 107 additions and 22 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtGroupModel.java
  2. 13
      src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java
  3. 59
      src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
  4. 13
      src/main/java/com/palnet/biz/jpa/repository/pty/PtyCrtfyhpBasQueryRepository.java
  5. 35
      src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java

9
src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtGroupModel.java
Unescape View File

@ -0,0 +1,9 @@
package com.palnet.biz.api.acnt.jwt.model;
import lombok.Data;
@Data
public class JwtGroupModel {
private String groupId;
private String groupAuthCd;
}

13
src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java
Unescape View File

@ -1,13 +1,14 @@
package com.palnet.biz.api.acnt.jwt.model; package com.palnet.biz.api.acnt.jwt.model;
import lombok.*;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import javax.persistence.*; import javax.persistence.*;
import java.util.Collection; import java.util.*;
import java.util.HashSet;
import java.util.Set;
@Entity @Entity
@Data @Data
@ -34,7 +35,9 @@ public class JwtUserModel implements UserDetails {
@Column(name = "CSTMR_STATUS_CD") @Column(name = "CSTMR_STATUS_CD")
private String cstmrStatusCd; private String cstmrStatusCd;
@Transient
private List<JwtGroupModel> group;
// 사용자의 권한을 콜렉션 형태로 반환 // 사용자의 권한을 콜렉션 형태로 반환

59
src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
Unescape View File

@ -1,21 +1,24 @@
package com.palnet.biz.api.acnt.jwt.utils; package com.palnet.biz.api.acnt.jwt.utils;
import java.io.Serializable; import com.palnet.biz.api.acnt.jwt.model.JwtGroupModel;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import com.palnet.biz.api.acnt.jwt.model.JwtUserModel; import com.palnet.biz.api.acnt.jwt.model.JwtUserModel;
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts; import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.SignatureAlgorithm;
import lombok.extern.log4j.Log4j2; import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.function.Function;
@Component @Component
@Log4j2 @Log4j2
@ -30,6 +33,8 @@ public class JwtTokenUtil implements Serializable {
@Value("${spring.jwt.secret}") @Value("${spring.jwt.secret}")
private String secret; private String secret;
@Value("${spring.jwt.prefix}")
private String JWT_PREFIX;
//retrieve username from jwt token //retrieve username from jwt token
// jwt token으로부터 username을 획득한다. // jwt token으로부터 username을 획득한다.
@ -66,6 +71,7 @@ public class JwtTokenUtil implements Serializable {
Map<String, Object> claims = new HashMap<>(); Map<String, Object> claims = new HashMap<>();
claims.put("userId", userDetails.getUserId()); claims.put("userId", userDetails.getUserId());
claims.put("cstmrSno", userDetails.getCstmrSno()); claims.put("cstmrSno", userDetails.getCstmrSno());
claims.put("group", userDetails.getGroup());
return doGenerateToken(claims, userDetails.getUsername()); return doGenerateToken(claims, userDetails.getUsername());
} }
@ -101,4 +107,35 @@ public class JwtTokenUtil implements Serializable {
final String username = getUsernameFromToken(token); final String username = getUsernameFromToken(token);
return (username.equals(userDetails.getUsername()) && !isTokenExpired(token)); return (username.equals(userDetails.getUsername()) && !isTokenExpired(token));
} }
public String getUserIdByToken() {
ServletRequestAttributes sra = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest rq = sra.getRequest();
String token = rq.getHeader("Authorization");
if(token == null || "".equals(token)) return null;
token = token.substring(JWT_PREFIX.length()).trim();
String userId = getUsernameFromToken(token);
return userId;
}
public Integer getCstmrSnoByToken() {
ServletRequestAttributes sra = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest rq = sra.getRequest();
String token = rq.getHeader("Authorization");
if(token == null || "".equals(token)) return null;
token = token.substring(JWT_PREFIX.length()).trim();
Claims payload = getAllClaimsFromToken(token);
Integer cstmrSno = payload.get("cstmrSno",Integer.class);
return cstmrSno;
}
public List<JwtGroupModel> getGroupAuthByToken() {
ServletRequestAttributes sra = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest rq = sra.getRequest();
String token = rq.getHeader("Authorization");
if(token == null || "".equals(token)) return null;
token = token.substring(JWT_PREFIX.length()).trim();
Claims payload = getAllClaimsFromToken(token);
List<JwtGroupModel> cstmrSno = payload.get("group",List.class);
return cstmrSno;
}
} }

13
src/main/java/com/palnet/biz/jpa/repository/pty/PtyCrtfyhpBasQueryRepository.java
Unescape View File

@ -9,7 +9,8 @@ import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2; import lombok.extern.log4j.Log4j2;
import org.springframework.stereotype.Repository; import org.springframework.stereotype.Repository;
import java.time.LocalDateTime; import java.util.Calendar;
import java.util.Date;
import java.util.List; import java.util.List;
@Log4j2 @Log4j2
@ -21,11 +22,19 @@ public class PtyCrtfyhpBasQueryRepository{
public List<PtyCrtfyhpBas> confirmSms(String hpno , String crtfyNo){ public List<PtyCrtfyhpBas> confirmSms(String hpno , String crtfyNo){
QPtyCrtfyhpBas qEntity = QPtyCrtfyhpBas.ptyCrtfyhpBas; QPtyCrtfyhpBas qEntity = QPtyCrtfyhpBas.ptyCrtfyhpBas;
Date now = Calendar.getInstance().getTime();
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.MINUTE, -5);
Date prevTime = calendar.getTime();
BooleanBuilder builder = new BooleanBuilder(); BooleanBuilder builder = new BooleanBuilder();
builder.and(qEntity.crtfyhpNo.eq(crtfyNo)); builder.and(qEntity.crtfyhpNo.eq(crtfyNo));
builder.and(qEntity.crtfyhpYn.eq("N")); builder.and(qEntity.crtfyhpYn.eq("N"));
builder.and(qEntity.createDt.between(LocalDateTime.now().minusMinutes(5), LocalDateTime.now())); // builder.and(qEntity.createDt.between(LocalDateTime.now().minusMinutes(5), LocalDateTime.now()));
builder.and(qEntity.createDt.goe(prevTime));
builder.and(qEntity.createDt.loe(now));
List<PtyCrtfyhpBas> entity = List<PtyCrtfyhpBas> entity =
query.select(qEntity).from(qEntity) query.select(qEntity).from(qEntity)

35
src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
Unescape View File

@ -1,12 +1,11 @@
package com.palnet.biz.jpa.repository.pty; package com.palnet.biz.jpa.repository.pty;
import com.palnet.biz.api.acnt.jwt.model.JwtGroupModel;
import com.palnet.biz.jpa.entity.*;
import org.springframework.stereotype.Repository; import org.springframework.stereotype.Repository;
import com.palnet.biz.api.acnt.jwt.model.JwtProfileRsModel; import com.palnet.biz.api.acnt.jwt.model.JwtProfileRsModel;
import com.palnet.biz.api.acnt.jwt.model.JwtUserModel; import com.palnet.biz.api.acnt.jwt.model.JwtUserModel;
import com.palnet.biz.jpa.entity.PtyCstmrBas;
import com.palnet.biz.jpa.entity.QPtyCstmrBas;
import com.palnet.biz.jpa.entity.QPtyCstmrDtl;
import com.querydsl.core.BooleanBuilder; import com.querydsl.core.BooleanBuilder;
import com.querydsl.core.types.Projections; import com.querydsl.core.types.Projections;
import com.querydsl.jpa.impl.JPAQueryFactory; import com.querydsl.jpa.impl.JPAQueryFactory;
@ -14,6 +13,9 @@ import com.querydsl.jpa.impl.JPAQueryFactory;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2; import lombok.extern.log4j.Log4j2;
import java.util.ArrayList;
import java.util.List;
@Log4j2 @Log4j2
@Repository @Repository
@RequiredArgsConstructor @RequiredArgsConstructor
@ -72,6 +74,8 @@ public class PtyCstmrQueryRepository{
public JwtUserModel findUserPassword(String userId) { public JwtUserModel findUserPassword(String userId) {
QPtyCstmrBas basEntity = QPtyCstmrBas.ptyCstmrBas; QPtyCstmrBas basEntity = QPtyCstmrBas.ptyCstmrBas;
QPtyCstmrGroup groupEntity = QPtyCstmrGroup.ptyCstmrGroup;
BooleanBuilder builder = new BooleanBuilder(); BooleanBuilder builder = new BooleanBuilder();
builder.and(basEntity.userId.eq(userId)); builder.and(basEntity.userId.eq(userId));
@ -79,6 +83,19 @@ public class PtyCstmrQueryRepository{
.from(basEntity) .from(basEntity)
.where(builder) .where(builder)
.fetchFirst(); .fetchFirst();
List<PtyCstmrGroup> pcgEntityList = null;
if(entity != null){
BooleanBuilder groupBuilder = new BooleanBuilder();
groupBuilder.and(groupEntity.cstmrSno.eq(entity.getCstmrSno()));
pcgEntityList = query.select(groupEntity)
.from(groupEntity)
.where(groupBuilder)
.fetch();
}
if(entity != null) { if(entity != null) {
JwtUserModel model = new JwtUserModel(); JwtUserModel model = new JwtUserModel();
model.setAuth(entity.getAuthId()); model.setAuth(entity.getAuthId());
@ -86,7 +103,17 @@ public class PtyCstmrQueryRepository{
model.setCstmrSno(entity.getCstmrSno()); model.setCstmrSno(entity.getCstmrSno());
model.setCstmrStatusCd(entity.getCstmrStatusCd()); model.setCstmrStatusCd(entity.getCstmrStatusCd());
model.setUserPswd(entity.getUserPswd()); model.setUserPswd(entity.getUserPswd());
if(pcgEntityList != null && !pcgEntityList.isEmpty()){
List<JwtGroupModel> groupModelList = new ArrayList<>();
for(PtyCstmrGroup pcgEntity : pcgEntityList){
JwtGroupModel groupModel = new JwtGroupModel();
groupModel.setGroupId(pcgEntity.getGroupId());
groupModel.setGroupAuthCd(pcgEntity.getGroupAuthCd());
groupModelList.add(groupModel);
}
model.setGroup(groupModelList);
}
return model; return model;
}else { }else {

Write Preview
Loading…
Cancel
Save