[Sping MVC(인증)] 김예진 미션 제출합니다. #160
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ohzzi
suggested changes
Jul 11, 2025
Comment on lines
+33
to
+44
| public LoginMember parseTokenAndGetMemberInfo(Cookie[] cookies) { | ||
|
|
||
| String token = ""; | ||
| for (Cookie cookie : cookies) { | ||
| if (cookie.getName().equals("token")) | ||
| token = cookie.getValue(); | ||
| } | ||
|
|
||
| if (token.isEmpty()) throw new IllegalArgumentException("로그인하지 않은 사용자입니다."); | ||
|
|
||
| return tokenParser.paseMemberInfo(token); | ||
| } |
There was a problem hiding this comment.
쿠키는 웹 기술의 영역이기 때문에 인터셉터에서 쿠키에서 원하는 값을 꺼내고 서비스에 전달해주는 형태로 구현해보는 것은 어떨까요? 지금은 너무 비즈니스 영역까지 들어온 느낌이에요. 토큰 값이 쿠키에 있든 리퀘스트바디로 넘어오든 MemberService 입장에서는 알 필요 없고 회원에 대한 책임만 가지면 되지 않을까요?
| @Value("${roomescape.auth.jwt.secret}") | ||
| private String secretKey; | ||
|
|
||
| public LoginMember paseMemberInfo(String token) { |
Comment on lines
+13
to
+14
| private final TokenProvider tokenProvider; | ||
| private final TokenParser tokenParser; |
There was a problem hiding this comment.
개인적으로는 아예 토큰 관련된 의존성은 전부 멤버서비스 바깥에 있는 쪽을 더 선호(멤버서비스는 정말 회원에 대한 의존만)하기는 합니다. 이 의존성 관련해서는 정답은 없으니 다각도로 고민해보세요!
| return new ReservationResponse(reservation.getId(), reservationRequest.getName(), reservation.getTheme().getName(), reservation.getDate(), reservation.getTime().getValue()); | ||
| } | ||
|
|
||
| private ReservationRequest replaceNameIfEmpty(ReservationRequest request, LoginMember loginMember) { | ||
| if (request.getName() == null || request.getName().isBlank()) { |
Comment on lines
+3
to
+14
| public class LoginRequest { | ||
| private String email; | ||
| private String password; | ||
|
|
||
| public String getEmail() { | ||
| return email; | ||
| } | ||
|
|
||
| public String getPassword() { | ||
| return password; | ||
| } | ||
| } |
| private Long id; | ||
| private String name; | ||
| private String email; | ||
| private String role; |
Comment on lines
+27
to
+47
| @PostMapping("/login") | ||
| public ResponseEntity<Void> login(@RequestBody LoginRequest loginRequest) { | ||
| TokenResponse token = memberService.getAccessToken(loginRequest.getEmail(), loginRequest.getPassword()); | ||
| ResponseCookie cookie = ResponseCookie.from("token", token.getAccessToken()) | ||
| .httpOnly(true) | ||
| .path("/") | ||
| .build(); | ||
|
|
||
| return ResponseEntity.ok() | ||
| .header(HttpHeaders.SET_COOKIE, cookie.toString()) | ||
| .build(); | ||
| } | ||
|
|
||
| @GetMapping("/login/check") | ||
| public ResponseEntity<MemberResponse> loingCheck(HttpServletRequest request) { | ||
| Cookie[] cookies = request.getCookies(); | ||
| LoginMember loginMember = memberService.parseTokenAndGetMemberInfo(cookies); | ||
| MemberResponse response = new MemberResponse(loginMember.getId(), loginMember.getName(), loginMember.getEmail()); | ||
| return ResponseEntity.ok().body(response); | ||
| } | ||
|
|
There was a problem hiding this comment.
로그인 관련해서는 컨트롤러가 별도로 분리되는게 좋을 것 같아요! 회원 컨트롤러는 회원 매니징에 대해서만 갖는게 맞고 로그인은 인증인가의 영역이니까요!
Comment on lines
+27
to
+29
| .claim("name", member.getName()) | ||
| .claim("role", member.getRole()) | ||
| .claim("email", member.getEmail()) |
|
|
||
| public LoginMember parseTokenAndGetMemberInfo(Cookie[] cookies) { | ||
|
|
||
| String token = ""; |
There was a problem hiding this comment.
토큰이 없는 것은 null이 더 명시적이지 않을까 하는 생각이 듭니다. 빈 문자열은 정말 빈 문자열과 헷갈릴 수 있잖아요? (물론 이 경우 빈 문자열도 문제가 되어야 하는 것은 마찬가지겠지만)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
안녕하세요 오찌!
Spring 인증 미션 제출합니다.
이번 미션을 통해 ArgumentResolver, Interceptor의 동작 방식과 사용 방법에 대해 제대로 다루어볼 수 있어 즐거웠습니다.