Konkuk-KUIT · jungan777 · Nov 22, 2024
diff --git a/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java b/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java
@@ -15,6 +15,7 @@ public WebConfig(AuthInterceptor authInterceptor) {
 
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
-        // TODO /profile, /admin 앞에 붙이기
+        registry.addInterceptor(authInterceptor)
+                .addPathPatterns("/profile","/admin");
     }
 }
diff --git a/src/main/java/com/kuit/kuit4serverauth/controller/AuthController.java b/src/main/java/com/kuit/kuit4serverauth/controller/AuthController.java
@@ -18,6 +18,7 @@
 public class AuthController {
     private final UserRepository userRepository;
     private final JwtUtil jwtUtil;
+    //todo token 구현하기
 
     public AuthController(UserRepository userRepository, JwtUtil jwtUtil) {
         this.userRepository = userRepository;

diff --git a/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java b/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java
@@ -6,18 +6,33 @@
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.Objects;
+
 @RestController
 public class UserController {
 
     @GetMapping("/profile")
     public ResponseEntity<String> getProfile(HttpServletRequest request) {
         // TODO : 로그인 한 사용자면 username 이용해 "Hello, {username}" 반환하기
+        String username = (String) request.getAttribute("username");
+
+        if (username != null) {
+            return ResponseEntity.ok("Hello, " + username);
+        }
+        //todo Service layer 로 빼서 리팩토링..
+        // 요청 응답 dto 감싸기
         return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized");
     }
 
     @GetMapping("/admin")
     public ResponseEntity<String> getAdmin(HttpServletRequest request) {
         // TODO: role이 admin이면 "Hello, admin" 반환하기
+        String role = (String) request.getAttribute("role");
+
+        if (Objects.equals(role, "ROLE_ADMIN")) {
+            return ResponseEntity.ok("Hello, admin");
+        }
+
         return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Forbidden");
     }
 }
diff --git a/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java b/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java
@@ -7,11 +7,12 @@
 import io.jsonwebtoken.SignatureAlgorithm;
 import org.springframework.stereotype.Component;
 
+import java.util.Base64;
 import java.util.Date;
 
 @Component
 public class JwtUtil {
-    private final String secret = "mysecretkey";
+    private final String secret = "wenoqwineofnioweniowfnoqwfenoifnewiofqnoinqo";
     private final long expirationMs = 3600000; // 1 hour
 
     public String generateToken(String username, String role) {
@@ -34,4 +35,4 @@ public Claims validateToken(String token) {
             throw new CustomException(ErrorCode.INVALID_TOKEN);
         }
     }
-}
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -13,6 +13,6 @@ spring:
       path: /h2-console
 
 jwt:
-  secret: mysecretkey
+  secret: wenoqwineofnioweniowfnoqwfenoifnewiofqnoinqo
   expiration: 3600000